| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 04 May 2012 19:08:01 +0200 From: security@...driva.com To: full-disclosure@...ts.grok.org.uk Subject: [ MDVSA-2012:070 ] samba -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2012:070 http://www.mandriva.com/security/ _______________________________________________________________________ Package : samba Date : May 4, 2012 Affected: 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability has been found and corrected in samba: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run (CVE-2012-1586). The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1586 https://bugzilla.samba.org/show_bug.cgi?id=8821 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.1: dd496662bedc161b26294dae8fb3ec6a 2010.1/i586/libnetapi0-3.5.3-3.7mdv2010.2.i586.rpm fa3eff21e8c15fdd00a0b09d784f8a75 2010.1/i586/libnetapi-devel-3.5.3-3.7mdv2010.2.i586.rpm 46f6c0838f1322501be976b0b108ee01 2010.1/i586/libsmbclient0-3.5.3-3.7mdv2010.2.i586.rpm 09d1da486d9c8dc917c3fcd33e67e9a8 2010.1/i586/libsmbclient0-devel-3.5.3-3.7mdv2010.2.i586.rpm 166127d2117775be61368b8a1d414d92 2010.1/i586/libsmbclient0-static-devel-3.5.3-3.7mdv2010.2.i586.rpm 5c3eb8d716160a3e1b644dacbfeb6a80 2010.1/i586/libsmbsharemodes0-3.5.3-3.7mdv2010.2.i586.rpm 3936bd1a76b6e3488953742e9dc1cdbd 2010.1/i586/libsmbsharemodes-devel-3.5.3-3.7mdv2010.2.i586.rpm f326643fb6217d37f4392928ab3b9785 2010.1/i586/libwbclient0-3.5.3-3.7mdv2010.2.i586.rpm 798003779c5f818110c282dfa9c82149 2010.1/i586/libwbclient-devel-3.5.3-3.7mdv2010.2.i586.rpm ff9d703897f4518e0ea553ea4fc27ba7 2010.1/i586/mount-cifs-3.5.3-3.7mdv2010.2.i586.rpm 2815ec4bf56d7761d545cf00afaec268 2010.1/i586/nss_wins-3.5.3-3.7mdv2010.2.i586.rpm 9e44d314f92c8cf23de00f29c2b2cd7b 2010.1/i586/samba-client-3.5.3-3.7mdv2010.2.i586.rpm ea6957734016133ad7d2e6c174fe4244 2010.1/i586/samba-common-3.5.3-3.7mdv2010.2.i586.rpm 1b3eae9886f6c213cb39cbba7df6c613 2010.1/i586/samba-doc-3.5.3-3.7mdv2010.2.i586.rpm 95804ad6721490f9f0364e52b0553015 2010.1/i586/samba-domainjoin-gui-3.5.3-3.7mdv2010.2.i586.rpm 182e34741505e99493285b7fa645526a 2010.1/i586/samba-server-3.5.3-3.7mdv2010.2.i586.rpm d490df138c62e60deb73ac2333716d7d 2010.1/i586/samba-swat-3.5.3-3.7mdv2010.2.i586.rpm 6b7edfbbd4dd295d9a59816d99235f49 2010.1/i586/samba-winbind-3.5.3-3.7mdv2010.2.i586.rpm ec8ac62146e687e9a342c602513256fc 2010.1/SRPMS/samba-3.5.3-3.7mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 07e34908a3530dc7e0903b700f227813 2010.1/x86_64/lib64netapi0-3.5.3-3.7mdv2010.2.x86_64.rpm 61d892dc72900ea40871c2efd18fa7be 2010.1/x86_64/lib64netapi-devel-3.5.3-3.7mdv2010.2.x86_64.rpm 4cf7dd4f2cf145ea9a53f15f5b4ca2fe 2010.1/x86_64/lib64smbclient0-3.5.3-3.7mdv2010.2.x86_64.rpm 80fe598f07d6b0c51f968bb53a493673 2010.1/x86_64/lib64smbclient0-devel-3.5.3-3.7mdv2010.2.x86_64.rpm 75b40bd85d8888af79ee361a781db7eb 2010.1/x86_64/lib64smbclient0-static-devel-3.5.3-3.7mdv2010.2.x86_64.rpm 52ba787499b18ad01c9934a9e389dac1 2010.1/x86_64/lib64smbsharemodes0-3.5.3-3.7mdv2010.2.x86_64.rpm 366dad10af9a0ceed23eb1cb234822f6 2010.1/x86_64/lib64smbsharemodes-devel-3.5.3-3.7mdv2010.2.x86_64.rpm 008fb8eb148ff33c4d2f0a36fa3f3324 2010.1/x86_64/lib64wbclient0-3.5.3-3.7mdv2010.2.x86_64.rpm 05dfdc9e5388a90f2f14617ccf467381 2010.1/x86_64/lib64wbclient-devel-3.5.3-3.7mdv2010.2.x86_64.rpm 3944d4668b05654a5ed89285e6f8c251 2010.1/x86_64/mount-cifs-3.5.3-3.7mdv2010.2.x86_64.rpm ff15dcc2b2d8327613b02a90bd41ca03 2010.1/x86_64/nss_wins-3.5.3-3.7mdv2010.2.x86_64.rpm 457e3a8f97623173cdf47851779da069 2010.1/x86_64/samba-client-3.5.3-3.7mdv2010.2.x86_64.rpm ba7d42f765f2de80fc9e7fed0e334d5d 2010.1/x86_64/samba-common-3.5.3-3.7mdv2010.2.x86_64.rpm 0d6a4807149323466dadcdc90be15fa6 2010.1/x86_64/samba-doc-3.5.3-3.7mdv2010.2.x86_64.rpm ffbd0b27ee05885492e7362b5d441e23 2010.1/x86_64/samba-domainjoin-gui-3.5.3-3.7mdv2010.2.x86_64.rpm 4252f909e0e7bfaa45e5937c34064746 2010.1/x86_64/samba-server-3.5.3-3.7mdv2010.2.x86_64.rpm 5d8902b8ae2b99f3190c7261e8be6699 2010.1/x86_64/samba-swat-3.5.3-3.7mdv2010.2.x86_64.rpm 2a3b36b89008ba74be1851bb0fe0490a 2010.1/x86_64/samba-winbind-3.5.3-3.7mdv2010.2.x86_64.rpm ec8ac62146e687e9a342c602513256fc 2010.1/SRPMS/samba-3.5.3-3.7mdv2010.2.src.rpm Mandriva Enterprise Server 5: b406136551db81ea5c6a6fd52383b1db mes5/i586/libnetapi0-3.3.12-0.10mdvmes5.2.i586.rpm 5d0e71b63b6742d854a64760ffef5a1e mes5/i586/libnetapi-devel-3.3.12-0.10mdvmes5.2.i586.rpm a1bce4873fbf03a0b3d9acb68b3b9928 mes5/i586/libsmbclient0-3.3.12-0.10mdvmes5.2.i586.rpm 3a4e098ba0d9d10aea27f16b0a88c547 mes5/i586/libsmbclient0-devel-3.3.12-0.10mdvmes5.2.i586.rpm d82751d5e90726d2ca257ebd0edf37a8 mes5/i586/libsmbclient0-static-devel-3.3.12-0.10mdvmes5.2.i586.rpm a736f31edc3007a78d6e1666cf506bcf mes5/i586/libsmbsharemodes0-3.3.12-0.10mdvmes5.2.i586.rpm 3c84b6ebb689e7718d769869ba912578 mes5/i586/libsmbsharemodes-devel-3.3.12-0.10mdvmes5.2.i586.rpm de165b4236a01ee6b0a35eafd809e7ad mes5/i586/libtalloc1-3.3.12-0.10mdvmes5.2.i586.rpm 4f33d360e15006e8aed210e5b6650969 mes5/i586/libtalloc-devel-3.3.12-0.10mdvmes5.2.i586.rpm d40ee305b6fc2b5ac78f4874de84f786 mes5/i586/libtdb1-3.3.12-0.10mdvmes5.2.i586.rpm 8a7ccd1fa68970696a40f5d889d78d02 mes5/i586/libtdb-devel-3.3.12-0.10mdvmes5.2.i586.rpm 48f738176a741af39161c82bed6050a2 mes5/i586/libwbclient0-3.3.12-0.10mdvmes5.2.i586.rpm 53490ef3ecd379720f720b823a4a0905 mes5/i586/libwbclient-devel-3.3.12-0.10mdvmes5.2.i586.rpm 264cd06bab6ad71a4930f42b53d754a9 mes5/i586/mount-cifs-3.3.12-0.10mdvmes5.2.i586.rpm b15dd3af33a5a80389614a91ae45ad08 mes5/i586/nss_wins-3.3.12-0.10mdvmes5.2.i586.rpm a410864fb10ddb0ea576181809d18df0 mes5/i586/samba-client-3.3.12-0.10mdvmes5.2.i586.rpm 80fd8d8167741ee7da3e885214c75775 mes5/i586/samba-common-3.3.12-0.10mdvmes5.2.i586.rpm 3db12da76a3dfc84f0fce71e62bbefcf mes5/i586/samba-doc-3.3.12-0.10mdvmes5.2.i586.rpm 6b778b3bc55cca365c6fad57a9f877da mes5/i586/samba-server-3.3.12-0.10mdvmes5.2.i586.rpm 3c493a7654d33cb2fab5595d3413f5e3 mes5/i586/samba-swat-3.3.12-0.10mdvmes5.2.i586.rpm ecb7876de48598f822edb57f2d01083a mes5/i586/samba-winbind-3.3.12-0.10mdvmes5.2.i586.rpm 3dad784fd91e4d11f827bcf637e38911 mes5/SRPMS/samba-3.3.12-0.10mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 028b8b35fe265857c5660a48d0689f65 mes5/x86_64/lib64netapi0-3.3.12-0.10mdvmes5.2.x86_64.rpm 4e1e6ca82f91a16daba81ebad63c8ba1 mes5/x86_64/lib64netapi-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm b1687db7ef71fd55bd5dd8a806741435 mes5/x86_64/lib64smbclient0-3.3.12-0.10mdvmes5.2.x86_64.rpm ada87ce49561ee2b1e53669a728ba9ab mes5/x86_64/lib64smbclient0-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm 805b0dcf72047da6670091ef5190d557 mes5/x86_64/lib64smbclient0-static-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm e7f423cd6dd382c59d6963fba9d2c3c9 mes5/x86_64/lib64smbsharemodes0-3.3.12-0.10mdvmes5.2.x86_64.rpm e44daaa79d193ef689d5894b3bf9f528 mes5/x86_64/lib64smbsharemodes-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm 38d8d2801c3fa0287c7244822073f23d mes5/x86_64/lib64talloc1-3.3.12-0.10mdvmes5.2.x86_64.rpm eae72bec1b9a6ff943c022513aab2fe5 mes5/x86_64/lib64talloc-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm 2edaa04cd18eaae2cf91e94f38d0f6d0 mes5/x86_64/lib64tdb1-3.3.12-0.10mdvmes5.2.x86_64.rpm 4fab6b6ab1ec0e7fc2712c7af587088f mes5/x86_64/lib64tdb-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm cdbbbf0d46c237e518253deecfc06bc0 mes5/x86_64/lib64wbclient0-3.3.12-0.10mdvmes5.2.x86_64.rpm 908ad56c3b28e6b987da13774b33f379 mes5/x86_64/lib64wbclient-devel-3.3.12-0.10mdvmes5.2.x86_64.rpm 659ebc87967d3726da307b153b266cb0 mes5/x86_64/mount-cifs-3.3.12-0.10mdvmes5.2.x86_64.rpm 3c7e95924dd842028077ab6b7a610d62 mes5/x86_64/nss_wins-3.3.12-0.10mdvmes5.2.x86_64.rpm 163c146f282956f761b1a6e5c7070d98 mes5/x86_64/samba-client-3.3.12-0.10mdvmes5.2.x86_64.rpm c1245d240a135b2d1c6b97d3009ce01d mes5/x86_64/samba-common-3.3.12-0.10mdvmes5.2.x86_64.rpm e0d54e3ca8d92b1a8d661ac70d152186 mes5/x86_64/samba-doc-3.3.12-0.10mdvmes5.2.x86_64.rpm f61cdc68213c9baef4bf6d71a46fe8d0 mes5/x86_64/samba-server-3.3.12-0.10mdvmes5.2.x86_64.rpm 94d10dfe6ee83aa026c75c87745107bf mes5/x86_64/samba-swat-3.3.12-0.10mdvmes5.2.x86_64.rpm cd984b4be2ecfc30144ff2d0a0d0c6d1 mes5/x86_64/samba-winbind-3.3.12-0.10mdvmes5.2.x86_64.rpm 3dad784fd91e4d11f827bcf637e38911 mes5/SRPMS/samba-3.3.12-0.10mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPo9/qmqjQ0CJFipgRAmPKAKDRZK/72FfLzVHDziK1FXk0cwAKgACgtUfK qiVpzJ/OFQeZTT2t7moMp0Q= =mhCS -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists