
openSUSE: 2012:0711-2 Critical: OpenSSH Potential Vulnerability Risk

April 16, 2012
Tackling vital vulnerabilities, this patch introduces resolutions for remote command execution threats on Ubuntu platforms.
An update that solves two vulnerabilities and has three fixes is now available.

Description

- Add the ldapsmb sources as else patches against them have no chance to apply.

- Samba pre-3.6.4 are affected by a vulnerability that allows remote code execution as the "root" user; PIDL based autogenerated code allows overwriting beyond of allocated array; CVE-2012-1182; (bso#8815); (bnc#752797).

- s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys; (bso#8599).

- Correctly handle DENY ACEs when privileges apply; (bso#8797).

- s3:smb2_server: fix a logic error, we should sign non guest sessions; (bso8749).

- Allow vfs_aio_pthread to build as a static module; (bso#8723).

- s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for persistent dbs; (#bso8527).

- s3: segfault in dom_sid_compare(bso#8567).

- Honor SeTakeOwnershipPrivilege when client asks for SEC_STD_WRITE_OWNER; (bso#8768).

- s3-winbindd: Close netlogon connection if the status returned by the NetrSamLogonEx call is...


Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.1:

    zypper in -t patch openSUSE-2012-223

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.1 (i586 x86_64):

ldapsmb-1.34b-34.11.1
libldb-devel-1.0.2-34.11.1
libldb1-1.0.2-34.11.1
libldb1-debuginfo-1.0.2-34.11.1
libnetapi-devel-3.6.3-34.11.1
libnetapi0-3.6.3-34.11.1
libnetapi0-debuginfo-3.6.3-34.11.1
libsmbclient-devel-3.6.3-34.11.1
libsmbclient0-3.6.3-34.11.1
libsmbclient0-debuginfo-3.6.3-34.11.1
libsmbsharemodes-devel-3.6.3-34.11.1
libsmbsharemodes0-3.6.3-34.11.1
libsmbsharemodes0-debuginfo-3.6.3-34.11.1
libtalloc-devel-2.0.5-34.11.1
libtalloc2-2.0.5-34.11.1
libtalloc2-debuginfo-2.0.5-34.11.1
libtdb-devel-1.2.9-34.11.1
libtdb1-1.2.9-34.11.1
libtdb1-debuginfo-1.2.9-34.11.1
libtevent-devel-0.9.11-34.11.1
libtevent0-0.9.11-34.11.1
libtevent0-debuginfo-0.9.11-34.11.1
libwbclient-devel-3.6.3-34.11.1
libwbclient0-3.6.3-34.11.1
libwbclient0-debuginfo-3.6.3-34.11.1
samba-3.6.3-34.11.1
samba-client-3.6.3-34.11.1
samba-client-debuginfo-3.6.3-34.11.1
samba-debuginfo-3.6.3-34.11.1
samba-debugsource-3.6.3-34.11.1
samba-devel-3.6.3-34.11.1
samba-krb-printing-3.6.3-34.11.1
samba-krb-printing-debuginfo-3.6.3...
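
To confirm the update landed, installed builds can be compared against the fixed builds in the package list above. The script below is an added example, not part of the advisory. Assumptions: the `FIXED` table is a subset of that list, the sample input is constructed, and `sort -V` stands in for RPM's own version ordering.

```shell
#!/bin/sh
# Added example (not from the advisory): flag packages older than the fixed builds.
# Fixed builds are a subset of this advisory's package list.
FIXED='samba 3.6.3-34.11.1
samba-client 3.6.3-34.11.1
libsmbclient0 3.6.3-34.11.1
libwbclient0 3.6.3-34.11.1
libnetapi0 3.6.3-34.11.1
libtalloc2 2.0.5-34.11.1
libtdb1 1.2.9-34.11.1
libtevent0 0.9.11-34.11.1
libldb1 1.0.2-34.11.1'

# ver_lt A B: succeeds when A sorts strictly before B.
# Assumption: `sort -V` stands in for RPM's own version comparison,
# which it matches for the purely numeric versions used here.
ver_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# audit: read "name version-release" lines on stdin and print one
# OUTDATED line for each listed package that is below its fixed build.
audit() {
    while read -r name ver; do
        fixed=$(printf '%s\n' "$FIXED" | awk -v n="$name" '$1 == n { print $2 }')
        [ -n "$fixed" ] || continue   # package not covered by this advisory
        if ver_lt "$ver" "$fixed"; then
            printf 'OUTDATED %s %s (fixed in %s)\n' "$name" "$ver" "$fixed"
        fi
    done
}

# Constructed sample input (hypothetical host state, not real data).
# On a live system: rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | audit
SAMPLE='samba 3.6.3-34.2.1
samba-client 3.6.3-34.11.1
libtalloc2 2.0.5-34.11.1
libtdb1 1.2.9-34.2.1
bash 4.2-1.2.1'

printf '%s\n' "$SAMPLE" | audit
```

A plain string comparison would rank release 34.2.1 above 34.11.1 and miss both outdated packages in the sample, which is why the check uses a version-aware sort.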


References

https://www.suse.com/security/cve/CVE-2012-0870.html

https://www.suse.com/security/cve/CVE-2012-1182.html

--

Severity
critical

Announcement ID: openSUSE-SU-2012:0507-1
Rating: critical
Affected Products: openSUSE 12.1
