Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Fri, 24 Feb 2012 08:38:47 -0600 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: Security ERRATA Critical: samba on SL4.x i386/x86_64 MIME-Version: 1.0 Synopsis: Critical: samba security update Issue Date: 2012-02-23 CVE Numbers: CVE-2012-0870 Samba is a suite of programs used by machines to share files, printers, and other information. An input validation flaw was found in the way Samba handled Any Batched (AndX) requests. A remote, unauthenticated attacker could send a specially-crafted SMB packet to the Samba server, possibly resulting in arbitrary code execution with the privileges of the Samba server (root). (CVE-2012-0870) Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically. SL4: i386 samba-3.0.33-0.35.el4.i386.rpm samba-client-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-swat-3.0.33-0.35.el4.i386.rpm x86_64 samba-3.0.33-0.35.el4.x86_64.rpm samba-client-3.0.33-0.35.el4.x86_64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.x86_64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.x86_64.rpm samba-swat-3.0.33-0.35.el4.x86_64.rpm - Scientific Linux Development Team