Red Hat Security Advisory: samba and samba3x security update Security Advisory secalert@redhat.com Red Hat Security Response Team RHSA-2012:0533 Final 1 1 2012-04-30T17:05:00Z Current version 2012-04-30T17:05:00Z 2012-04-30T17:05:00Z Red Hat rhsa-to-cvrf 1.0.1478 2012-05-01T14:46:58Z Updated samba3x and samba packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled certain Local Security Authority (LSA) Remote Procedure Calls (RPC). An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks. (CVE-2012-2111) Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Ivano Cristofolini as the original reporter. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically. Please see https://www.redhat.com/footer/terms-of-use.html Copyright © 2012 Red Hat, Inc. All rights reserved. Important https://rhn.redhat.com/errata/RHSA-2012-0533.html https://rhn.redhat.com/errata/RHSA-2012-0533.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/updates/classification/#important http://www.samba.org/samba/security/CVE-2012-2111 http://www.samba.org/samba/security/CVE-2012-2111 Red Hat Enterprise Linux Workstation Optional (v. 6) Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux Server Optional (v. 6) Red Hat Enterprise Linux HPC Node Optional (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Workstation (v. 6) Red Hat Enterprise Linux Desktop Optional (v. 6) Red Hat Enterprise Linux (v. 5 server) RHEL Desktop Workstation (v. 5 client) samba-3.5.10-116.el6_2.src.rpm samba3x-3.5.10-0.109.el5_8.src.rpm samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6) samba3x-3.5.10-0.109.el5_8 as a component of Red Hat Enterprise Linux Desktop (v. 5 client) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux HPC Node (v. 6) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux Desktop (v. 6) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux Server Optional (v. 6) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux Server (v. 6) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux Workstation (v. 6) samba-3.5.10-116.el6_2 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6) samba3x-3.5.10-0.109.el5_8 as a component of Red Hat Enterprise Linux (v. 5 server) samba3x-3.5.10-0.109.el5_8 as a component of RHEL Desktop Workstation (v. 5 client) A flaw was found in the way Samba handled certain Local Security Authority (LSA) Remote Procedure Calls (RPC). An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks. 2012-04-17T00:00:00Z 2012-04-30T00:00:00Z CVE-2012-2111 5Client-5.8.Z:samba3x-3.5.10-0.109.el5_8 5Client-Workstation-5.8.Z:samba3x-3.5.10-0.109.el5_8 5Server-5.8.Z:samba3x-3.5.10-0.109.el5_8 6Client-6.2.z:samba-3.5.10-116.el6_2 6Client-optional-6.2.z:samba-3.5.10-116.el6_2 6ComputeNode-6.2.z:samba-3.5.10-116.el6_2 6ComputeNode-optional-6.2.z:samba-3.5.10-116.el6_2 6Server-6.2.z:samba-3.5.10-116.el6_2 6Server-optional-6.2.z:samba-3.5.10-116.el6_2 6Workstation-6.2.z:samba-3.5.10-116.el6_2 6Workstation-optional-6.2.z:samba-3.5.10-116.el6_2 Important 6.0 AV:N/AC:M/Au:S/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-0533.html https://www.redhat.com/security/data/cve/CVE-2012-2111.html CVE-2012-2111 https://bugzilla.redhat.com/show_bug.cgi?id=813569 bz#813569: CVE-2012-2111 samba: Incorrect permission checks when granting/removing privileges Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Ivano Cristofolini as the original reporter of this issue.