VID | 23228 |
Severity | 30 |
Port | 139 |
Protocol | TCP |
Class | Samba |
Detailed Description |
According to its banner, the version of Samba 3.x running on the remote host is earlier than 3.4.17 / 3.5.15 / 3.6.5 and is therefore potentially affected by a security bypass vulnerability.
An authenticated user can modify the ownership of files and directories that the user does not own. Improper security checking in the Local Security Authority (LSA) remote procedure calls (RPC) 'CreateAccount', 'OpenAccount', 'AddAccountRights' and 'RemoveAccountRights' can allow users these improper permissions.
* References:
  http://www.samba.org/samba/security/CVE-2012-2111
  http://www.samba.org/samba/history/samba-3.4.17.html
  http://www.samba.org/samba/history/samba-3.5.15.html
  http://www.samba.org/samba/history/samba-3.6.5.html
* Platforms Affected: Samba Project, Samba versions before 3.4.17 / 3.5.15 / 3.6.5; Linux, any version; Unix, any version |
Recommendation | Upgrade to Samba 3.4.17 / 3.5.15 / 3.6.5 or later, available from the Samba Web site at http://us1.samba.org/samba/ |
Related URL | CVE-2012-2111 (CVE) |
Related URL | 53307 (SecurityFocus) |
Related URL | (ISS) |
|