BugTraq
[ MDVSA-2012:055 ] samba Apr 11 2012 12:23PM
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:055
http://www.mandriva.com/security/
_______________________________________________________________________

Package : samba
Date : April 11, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in samba:

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before
3.5.14, and 3.6.x before 3.6.4 does not implement validation of an
array length in a manner consistent with validation of array memory
allocation, which allows remote attackers to execute arbitrary code
via a crafted RPC call (CVE-2012-1182).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
618a07a3b2880bcf1855d782d93f3007 2010.1/i586/libnetapi0-3.5.3-3.5mdv2010.2.i586.rpm
84793723c7a0b711ccf0054fda0a52da 2010.1/i586/libnetapi-devel-3.5.3-3.5mdv2010.2.i586.rpm
88cd11fac84aa9aa8405cbce6dd835bc 2010.1/i586/libsmbclient0-3.5.3-3.5mdv2010.2.i586.rpm
0836753a45ddb9760e27ee422cde449b 2010.1/i586/libsmbclient0-devel-3.5.3-3.5mdv2010.2.i586.rpm
141a9d5388457f80d6fc519d20180bc4 2010.1/i586/libsmbclient0-static-devel-3.5.3-3.5mdv2010.2.i586.rpm
1c10c6e959094d33f19b8279818361b6 2010.1/i586/libsmbsharemodes0-3.5.3-3.5mdv2010.2.i586.rpm
8c2ea1ca2e5ff06174579a95707fa7ff 2010.1/i586/libsmbsharemodes-devel-3.5.3-3.5mdv2010.2.i586.rpm
3f3a4c2575aa4b025608ca0a1b2e81ad 2010.1/i586/libwbclient0-3.5.3-3.5mdv2010.2.i586.rpm
11c5a7f84f6b60f4ba5c96feb6a182ff 2010.1/i586/libwbclient-devel-3.5.3-3.5mdv2010.2.i586.rpm
17eaac9a0b671be1303667e1127c7943 2010.1/i586/mount-cifs-3.5.3-3.5mdv2010.2.i586.rpm
9cf5a0b8975f3de3f7446263e60dbf90 2010.1/i586/nss_wins-3.5.3-3.5mdv2010.2.i586.rpm
934caa56ec7a351ccca4ff02ffb4c541 2010.1/i586/samba-client-3.5.3-3.5mdv2010.2.i586.rpm
6096e9066577d6fa93381276d8daa3bb 2010.1/i586/samba-common-3.5.3-3.5mdv2010.2.i586.rpm
e55c85a899f3546272f184fe69810139 2010.1/i586/samba-doc-3.5.3-3.5mdv2010.2.i586.rpm
26362e3a7e1b3472ef2ccdd52284b0d4 2010.1/i586/samba-domainjoin-gui-3.5.3-3.5mdv2010.2.i586.rpm
70eab496328572818809b15f080cf099 2010.1/i586/samba-server-3.5.3-3.5mdv2010.2.i586.rpm
6952e5097b510af3329c6f5d78f8cbe9 2010.1/i586/samba-swat-3.5.3-3.5mdv2010.2.i586.rpm
915ae724c3de06331cfd04fb0bd69265 2010.1/i586/samba-winbind-3.5.3-3.5mdv2010.2.i586.rpm
4c72879b63802de52b63ed7b83d4a918 2010.1/SRPMS/samba-3.5.3-3.5mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
ace2c0860c17914d21dbe617fa87e0e7 2010.1/x86_64/lib64netapi0-3.5.3-3.5mdv2010.2.x86_64.rpm
74763ba858d48c7c448defa8b2ffd556 2010.1/x86_64/lib64netapi-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
50ce33ea687930e080072efdfbfc004b 2010.1/x86_64/lib64smbclient0-3.5.3-3.5mdv2010.2.x86_64.rpm
f7f790f0205aecfa5b9914a6d9f6c52b 2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
6d3a02bef858a12ee0934dce09e88be4 2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.5mdv2010.2.x86_64.rpm

34853bcef699f85747d96d07c200555f 2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.5mdv2010.2.x86_64.rpm
a6ec714a27184155cef1da72859119e5 2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
295583bae32ab52bd25bc5b121e875ab 2010.1/x86_64/lib64wbclient0-3.5.3-3.5mdv2010.2.x86_64.rpm
9d33640b2e23f9f26833d37f472c7c29 2010.1/x86_64/lib64wbclient-devel-3.5.3-3.5mdv2010.2.x86_64.rpm
60676ae71f3ade9516a539f03354cf8d 2010.1/x86_64/mount-cifs-3.5.3-3.5mdv2010.2.x86_64.rpm
a8ac8164580908142c1ffa71285d7f46 2010.1/x86_64/nss_wins-3.5.3-3.5mdv2010.2.x86_64.rpm
fcb05e26eaf45d2b588580182ffdd0b0 2010.1/x86_64/samba-client-3.5.3-3.5mdv2010.2.x86_64.rpm
18456d389b3c2c0c109e31f80067f41c 2010.1/x86_64/samba-common-3.5.3-3.5mdv2010.2.x86_64.rpm
8622946366a3a05229555e9de579d85f 2010.1/x86_64/samba-doc-3.5.3-3.5mdv2010.2.x86_64.rpm
c4cdca61a5648a017f911fec5bb38e17 2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.5mdv2010.2.x86_64.rpm
3f8ec5ea217e2da57fe2496a790cf613 2010.1/x86_64/samba-server-3.5.3-3.5mdv2010.2.x86_64.rpm
ed0292f244641a730a30c6b5adfce0cb 2010.1/x86_64/samba-swat-3.5.3-3.5mdv2010.2.x86_64.rpm
da63310faa0984097e4db35aafdb6af1 2010.1/x86_64/samba-winbind-3.5.3-3.5mdv2010.2.x86_64.rpm
4c72879b63802de52b63ed7b83d4a918 2010.1/SRPMS/samba-3.5.3-3.5mdv2010.2.src.rpm

Mandriva Linux 2011:
2ece08d6baf00f820370996304a7f464 2011/i586/libnetapi0-3.5.10-1.2-mdv2011.0.i586.rpm
391e0e83b2156f92bf06057ab44336e6 2011/i586/libnetapi-devel-3.5.10-1.2-mdv2011.0.i586.rpm
e6db8597c80e0f52fd8571ae20a2a07c 2011/i586/libsmbclient0-3.5.10-1.2-mdv2011.0.i586.rpm
550c87c7ab33576ffd4dab2ba0c6d57b 2011/i586/libsmbclient0-devel-3.5.10-1.2-mdv2011.0.i586.rpm
50004feba2de339c2c0d5a53a3b9a25f 2011/i586/libsmbclient0-static-devel-3.5.10-1.2-mdv2011.0.i586.rpm
0d73a396ea85b9efe9eb9103a4a506a3 2011/i586/libsmbsharemodes0-3.5.10-1.2-mdv2011.0.i586.rpm
b2fc366a39db8452d49b29aa87c0c3b1 2011/i586/libsmbsharemodes-devel-3.5.10-1.2-mdv2011.0.i586.rpm
4758e5dd9bcdc9a691cb9ffb11cbcc37 2011/i586/libwbclient0-3.5.10-1.2-mdv2011.0.i586.rpm
597f5729e0a9720bbdea9a78784bd9d9 2011/i586/libwbclient-devel-3.5.10-1.2-mdv2011.0.i586.rpm
79a52dd2215429b2a09253de672eb272 2011/i586/mount-cifs-3.5.10-1.2-mdv2011.0.i586.rpm
caa88a84173b74f2382fed9816b67ad3 2011/i586/nss_wins-3.5.10-1.2-mdv2011.0.i586.rpm
adcb26cca8e20413971f83858e613ca8 2011/i586/samba-client-3.5.10-1.2-mdv2011.0.i586.rpm
e23764ffc762ca871bb314906989e656 2011/i586/samba-common-3.5.10-1.2-mdv2011.0.i586.rpm
8c6077e30c837078cdd2accaf5f0b80b 2011/i586/samba-doc-3.5.10-1.2-mdv2011.0.noarch.rpm
bba48e5ecc36ddce12571d081c75b96a 2011/i586/samba-domainjoin-gui-3.5.10-1.2-mdv2011.0.i586.rpm
0ae58d4eab55baf06aab27ed1dacf8b5 2011/i586/samba-server-3.5.10-1.2-mdv2011.0.i586.rpm
e4aeea5e4368292c8dd242829ea9cfd6 2011/i586/samba-swat-3.5.10-1.2-mdv2011.0.i586.rpm
4d4eb5129e72ddbdf7e695c5d4023d14 2011/i586/samba-winbind-3.5.10-1.2-mdv2011.0.i586.rpm
43d6e58b17cf2f9c6eddc2c5162042ae 2011/SRPMS/samba-3.5.10-1.2.src.rpm

Mandriva Linux 2011/X86_64:
8e8379f1c13346f05b73dda02f1dd8d4 2011/x86_64/lib64netapi0-3.5.10-1.2-mdv2011.0.x86_64.rpm
58293f1655f7aa5fa263b949c2e19c45 2011/x86_64/lib64netapi-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
b6a4602bbbd5aec74ec7d9186056b2e2 2011/x86_64/lib64smbclient0-3.5.10-1.2-mdv2011.0.x86_64.rpm
d8d2b44cdec07717a8b69a9d25cf34a4 2011/x86_64/lib64smbclient0-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
a94819d1a6a845d88d227e8049fe68ff 2011/x86_64/lib64smbclient0-static-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm

f0a0f8cd3949b4867d3c76c618a5fb11 2011/x86_64/lib64smbsharemodes0-3.5.10-1.2-mdv2011.0.x86_64.rpm
b32422d1dfd65572ebed6dc66ac7209d 2011/x86_64/lib64smbsharemodes-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
910b81c895ff651eeca1f78443c1ec17 2011/x86_64/lib64wbclient0-3.5.10-1.2-mdv2011.0.x86_64.rpm
a76a2ed3a3d013d096d42621dcf2daaa 2011/x86_64/lib64wbclient-devel-3.5.10-1.2-mdv2011.0.x86_64.rpm
c64d43b8616c133d5a6acbec19decad2 2011/x86_64/mount-cifs-3.5.10-1.2-mdv2011.0.x86_64.rpm
af87db22f74156d2daa4bf2d8cafaaaa 2011/x86_64/nss_wins-3.5.10-1.2-mdv2011.0.x86_64.rpm
a9df74cc2e94bc26c335cca2c128b674 2011/x86_64/samba-client-3.5.10-1.2-mdv2011.0.x86_64.rpm
d723b14c7f44582905cf5f061f98e959 2011/x86_64/samba-common-3.5.10-1.2-mdv2011.0.x86_64.rpm
6b4c30fe785206e3d492ba14a321bdf5 2011/x86_64/samba-doc-3.5.10-1.2-mdv2011.0.noarch.rpm
1c96c6dace7d31700f90880589ee26d3 2011/x86_64/samba-domainjoin-gui-3.5.10-1.2-mdv2011.0.x86_64.rpm
b9de9445a2b129b1ab8e8da10f0d3d19 2011/x86_64/samba-server-3.5.10-1.2-mdv2011.0.x86_64.rpm
44edbe0f928a3a0cfdb3e90b1cbfece8 2011/x86_64/samba-swat-3.5.10-1.2-mdv2011.0.x86_64.rpm
6a2e42f81bc0d0c3554d601981f874a2 2011/x86_64/samba-winbind-3.5.10-1.2-mdv2011.0.x86_64.rpm
43d6e58b17cf2f9c6eddc2c5162042ae 2011/SRPMS/samba-3.5.10-1.2.src.rpm

Mandriva Enterprise Server 5:
7a1d4e2588013fae490cba76c2bd2234 mes5/i586/libnetapi0-3.3.12-0.9mdvmes5.2.i586.rpm
ad114d018b79cafebb33d0afd53097fc mes5/i586/libnetapi-devel-3.3.12-0.9mdvmes5.2.i586.rpm
2d33714f2a135a597ed3f5256472a95d mes5/i586/libsmbclient0-3.3.12-0.9mdvmes5.2.i586.rpm
eda2371679144117ea1e77277f12c37d mes5/i586/libsmbclient0-devel-3.3.12-0.9mdvmes5.2.i586.rpm
53ab484f0c8891e700ea10f09fdedae0 mes5/i586/libsmbclient0-static-devel-3.3.12-0.9mdvmes5.2.i586.rpm
d2c8ecd7fb50314aa6929dc358dee526 mes5/i586/libsmbsharemodes0-3.3.12-0.9mdvmes5.2.i586.rpm
feda8de36a0ed4111c5c41aa47f95fc6 mes5/i586/libsmbsharemodes-devel-3.3.12-0.9mdvmes5.2.i586.rpm
1414741281e22ca6dfdb12af8459c63d mes5/i586/libtalloc1-3.3.12-0.9mdvmes5.2.i586.rpm
6e17ce41a00989e07280fbdd96088cdf mes5/i586/libtalloc-devel-3.3.12-0.9mdvmes5.2.i586.rpm
d6c1fdb5e1c573116d4b3a33b3aeb320 mes5/i586/libtdb1-3.3.12-0.9mdvmes5.2.i586.rpm
cb44eb86989bae64095541066f06f35c mes5/i586/libtdb-devel-3.3.12-0.9mdvmes5.2.i586.rpm
ec4532f047b2da1394bd802eb67e60f9 mes5/i586/libwbclient0-3.3.12-0.9mdvmes5.2.i586.rpm
9666097df96e9195455a2147908b7043 mes5/i586/libwbclient-devel-3.3.12-0.9mdvmes5.2.i586.rpm
c6b8f6647f919ab2cbbe81e0de74a401 mes5/i586/mount-cifs-3.3.12-0.9mdvmes5.2.i586.rpm
0e05dd31949540545a9864c4b282588e mes5/i586/nss_wins-3.3.12-0.9mdvmes5.2.i586.rpm
f0d5bb15fed6a4056175f419fb50e47e mes5/i586/samba-client-3.3.12-0.9mdvmes5.2.i586.rpm
20c4cdec0b728d6bd975684e6b8a9efc mes5/i586/samba-common-3.3.12-0.9mdvmes5.2.i586.rpm
dd8c337420a8f98b769b47a696d5923b mes5/i586/samba-doc-3.3.12-0.9mdvmes5.2.i586.rpm
efba0f8100a63041d8d16608314f5439 mes5/i586/samba-server-3.3.12-0.9mdvmes5.2.i586.rpm
b68b108b9637c9fb4d8b5e3030b539a7 mes5/i586/samba-swat-3.3.12-0.9mdvmes5.2.i586.rpm
0ea3f96b495075f00be667c7f659e674 mes5/i586/samba-winbind-3.3.12-0.9mdvmes5.2.i586.rpm
24d8a954cf8f2b5a7a034338b106791c mes5/SRPMS/samba-3.3.12-0.9mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
545843ddaef8e31902a63d24ea1806f4 mes5/x86_64/lib64netapi0-3.3.12-0.9mdvmes5.2.x86_64.rpm
b50e3c389f3bc667a0a3a68dfec90761 mes5/x86_64/lib64netapi-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
2f2e273e4351768b6441301b31f4920d mes5/x86_64/lib64smbclient0-3.3.12-0.9mdvmes5.2.x86_64.rpm
408b325ffcdd165f18f856ec3982a74a mes5/x86_64/lib64smbclient0-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
992e8d328b483a2d0bb1cb347fdcd889 mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
122979a46ebbabf10f8e982829f56004 mes5/x86_64/lib64smbsharemodes0-3.3.12-0.9mdvmes5.2.x86_64.rpm
8ac2e7f26ef202f44b4bc5f88fa033a2 mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
08c109c58ece0602a7a860a71496cb98 mes5/x86_64/lib64talloc1-3.3.12-0.9mdvmes5.2.x86_64.rpm
d4941beba2ec0143de0fcc5ff9e446e4 mes5/x86_64/lib64talloc-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
c489b3efc90813ef3f94345791359a02 mes5/x86_64/lib64tdb1-3.3.12-0.9mdvmes5.2.x86_64.rpm
94d9ad3a330aff051fb4ed478348818b mes5/x86_64/lib64tdb-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
66187cc6e379dccd47d4664e4b51f745 mes5/x86_64/lib64wbclient0-3.3.12-0.9mdvmes5.2.x86_64.rpm
7ccdbd98aa4388c207cc694f629f1a8b mes5/x86_64/lib64wbclient-devel-3.3.12-0.9mdvmes5.2.x86_64.rpm
46c2e7cffbd2b16fa6fe4cb80b8ae217 mes5/x86_64/mount-cifs-3.3.12-0.9mdvmes5.2.x86_64.rpm
e93fb62b5d2669e00a5e8537d9538d03 mes5/x86_64/nss_wins-3.3.12-0.9mdvmes5.2.x86_64.rpm
aec52d59f0949e615de84f89b716c740 mes5/x86_64/samba-client-3.3.12-0.9mdvmes5.2.x86_64.rpm
74ca1045837e067fc16b35f5a9c8a959 mes5/x86_64/samba-common-3.3.12-0.9mdvmes5.2.x86_64.rpm
b424fdd77ed7e79cc27262008efddc50 mes5/x86_64/samba-doc-3.3.12-0.9mdvmes5.2.x86_64.rpm
711e19975e821852033e9badead55a9d mes5/x86_64/samba-server-3.3.12-0.9mdvmes5.2.x86_64.rpm
ce12e60f6e6950c919b3da333b3a2e07 mes5/x86_64/samba-swat-3.3.12-0.9mdvmes5.2.x86_64.rpm
88406e56abedc8fd56da938f9a116304 mes5/x86_64/samba-winbind-3.3.12-0.9mdvmes5.2.x86_64.rpm
24d8a954cf8f2b5a7a034338b106791c mes5/SRPMS/samba-3.3.12-0.9mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPhUl5mqjQ0CJFipgRAqwGAJ9WQalWqP6WzJFo7dRcgPySLjvhAgCeNuAz
3ifKrik8iH0LOdU2Q4hDsj4=
=S1NU
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus