var-201202-0323
Vulnerability from variot
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
The BlackBerry PlayBook Tablet is a tablet from BlackBerry. It highlights game, media publishing and collaboration features. The Samba service is used for file sharing between the tablet and a computer, and remote attackers can exploit the vulnerability to gain control over the Wi-Fi file sharing system through the Wi-Fi network. The tablet is also affected when it is connected to the computer using USB, if the attacker can physically access the computer.
Samba is prone to a heap-based buffer-overflow vulnerability. Failed exploit attempts will result in a denial-of-service condition. Samba versions prior to 3.4.0 are affected.
TITLE: Samba Any Batched Request Handling Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA48152
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48152/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48152
RELEASE DATE: 2012-02-24
DESCRIPTION: A vulnerability has been reported in Samba, which can be exploited by malicious people to compromise a vulnerable system.
PROVIDED AND/OR DISCOVERED BY: Originally reported in BlackBerry Tablet OS by Andy Davis, NGS Secure.
ORIGINAL ADVISORY: http://www.samba.org/samba/security/CVE-2012-0870
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
Updated Packages:
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
High Risk Vulnerability in Samba
25 February 2012
Andy Davis of NGS Secure has discovered a high risk vulnerability in the Samba service
Impact: Remote Code Execution
Versions affected: Samba versions up to 3.4.0
More details about this vulnerability and how to obtain software updates can be found here: http://www.samba.org/samba/security/CVE-2012-0870
NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.
NGS Secure Research http://www.ngssecure.com
This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Ubuntu Security Notice USN-1374-1
February 24, 2012
samba vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 8.04 LTS
Summary:
Samba could be made to crash or run programs if it received specially crafted network traffic.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
Andy Davis discovered that Samba incorrectly handled certain AndX offsets.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 8.04 LTS: samba 3.0.28a-1ubuntu4.17
In general, a standard system update will make all the necessary changes.
Red Hat Security Advisory
Synopsis: Critical: samba security update
Advisory ID: RHSA-2012:0332-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0332.html
Issue date: 2012-02-23
CVE Names: CVE-2012-0870
- Summary:
Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 5.3 Long Life, and 5.6 Extended Update Support.
The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Long Life (v. 5.3 server) - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
- Description:
Samba is a suite of programs used by machines to share files, printers, and other information.
An input validation flaw was found in the way Samba handled Any Batched (AndX) requests. A remote, unauthenticated attacker could send a specially-crafted SMB packet to the Samba server, possibly resulting in arbitrary code execution with the privileges of the Samba server (root). (CVE-2012-0870)
Red Hat would like to thank the Samba team for reporting this issue. Upstream acknowledges Andy Davis of NGS Secure as the original reporter.
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
795509 - CVE-2012-0870 samba: Any Batched ("AndX") request processing infinite recursion and heap-based buffer overflow
- Package List:
Red Hat Enterprise Linux AS version 4:
Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm
i386: samba-3.0.33-0.35.el4.i386.rpm samba-client-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-swat-3.0.33-0.35.el4.i386.rpm
ia64: samba-3.0.33-0.35.el4.ia64.rpm samba-client-3.0.33-0.35.el4.ia64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.ia64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.ia64.rpm samba-swat-3.0.33-0.35.el4.ia64.rpm
ppc: samba-3.0.33-0.35.el4.ppc.rpm samba-client-3.0.33-0.35.el4.ppc.rpm samba-common-3.0.33-0.35.el4.ppc.rpm samba-common-3.0.33-0.35.el4.ppc64.rpm samba-debuginfo-3.0.33-0.35.el4.ppc.rpm samba-debuginfo-3.0.33-0.35.el4.ppc64.rpm samba-swat-3.0.33-0.35.el4.ppc.rpm
s390: samba-3.0.33-0.35.el4.s390.rpm samba-client-3.0.33-0.35.el4.s390.rpm samba-common-3.0.33-0.35.el4.s390.rpm samba-debuginfo-3.0.33-0.35.el4.s390.rpm samba-swat-3.0.33-0.35.el4.s390.rpm
s390x: samba-3.0.33-0.35.el4.s390x.rpm samba-client-3.0.33-0.35.el4.s390x.rpm samba-common-3.0.33-0.35.el4.s390.rpm samba-common-3.0.33-0.35.el4.s390x.rpm samba-debuginfo-3.0.33-0.35.el4.s390.rpm samba-debuginfo-3.0.33-0.35.el4.s390x.rpm samba-swat-3.0.33-0.35.el4.s390x.rpm
x86_64: samba-3.0.33-0.35.el4.x86_64.rpm samba-client-3.0.33-0.35.el4.x86_64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.x86_64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.x86_64.rpm samba-swat-3.0.33-0.35.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm
i386: samba-3.0.33-0.35.el4.i386.rpm samba-client-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-swat-3.0.33-0.35.el4.i386.rpm
x86_64: samba-3.0.33-0.35.el4.x86_64.rpm samba-client-3.0.33-0.35.el4.x86_64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.x86_64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.x86_64.rpm samba-swat-3.0.33-0.35.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm
i386: samba-3.0.33-0.35.el4.i386.rpm samba-client-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-swat-3.0.33-0.35.el4.i386.rpm
ia64: samba-3.0.33-0.35.el4.ia64.rpm samba-client-3.0.33-0.35.el4.ia64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.ia64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.ia64.rpm samba-swat-3.0.33-0.35.el4.ia64.rpm
x86_64: samba-3.0.33-0.35.el4.x86_64.rpm samba-client-3.0.33-0.35.el4.x86_64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.x86_64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.x86_64.rpm samba-swat-3.0.33-0.35.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm
i386: samba-3.0.33-0.35.el4.i386.rpm samba-client-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-swat-3.0.33-0.35.el4.i386.rpm
ia64: samba-3.0.33-0.35.el4.ia64.rpm samba-client-3.0.33-0.35.el4.ia64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.ia64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.ia64.rpm samba-swat-3.0.33-0.35.el4.ia64.rpm
x86_64: samba-3.0.33-0.35.el4.x86_64.rpm samba-client-3.0.33-0.35.el4.x86_64.rpm samba-common-3.0.33-0.35.el4.i386.rpm samba-common-3.0.33-0.35.el4.x86_64.rpm samba-debuginfo-3.0.33-0.35.el4.i386.rpm samba-debuginfo-3.0.33-0.35.el4.x86_64.rpm samba-swat-3.0.33-0.35.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.33-3.38.el5_8.src.rpm
i386: libsmbclient-3.0.33-3.38.el5_8.i386.rpm samba-3.0.33-3.38.el5_8.i386.rpm samba-client-3.0.33-3.38.el5_8.i386.rpm samba-common-3.0.33-3.38.el5_8.i386.rpm samba-debuginfo-3.0.33-3.38.el5_8.i386.rpm samba-swat-3.0.33-3.38.el5_8.i386.rpm
x86_64: libsmbclient-3.0.33-3.38.el5_8.i386.rpm libsmbclient-3.0.33-3.38.el5_8.x86_64.rpm samba-3.0.33-3.38.el5_8.x86_64.rpm samba-client-3.0.33-3.38.el5_8.x86_64.rpm samba-common-3.0.33-3.38.el5_8.i386.rpm samba-common-3.0.33-3.38.el5_8.x86_64.rpm samba-debuginfo-3.0.33-3.38.el5_8.i386.rpm samba-debuginfo-3.0.33-3.38.el5_8.x86_64.rpm samba-swat-3.0.33-3.38.el5_8.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.33-3.38.el5_8.src.rpm
i386: libsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm samba-debuginfo-3.0.33-3.38.el5_8.i386.rpm
x86_64: libsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm libsmbclient-devel-3.0.33-3.38.el5_8.x86_64.rpm samba-debuginfo-3.0.33-3.38.el5_8.i386.rpm samba-debuginfo-3.0.33-3.38.el5_8.x86_64.rpm
Red Hat Enterprise Linux Long Life (v. 5.3 server):
Source: samba-3.0.33-3.7.el5_3.4.src.rpm
i386: samba-3.0.33-3.7.el5_3.4.i386.rpm samba-client-3.0.33-3.7.el5_3.4.i386.rpm samba-common-3.0.33-3.7.el5_3.4.i386.rpm samba-debuginfo-3.0.33-3.7.el5_3.4.i386.rpm samba-swat-3.0.33-3.7.el5_3.4.i386.rpm
ia64: samba-3.0.33-3.7.el5_3.4.ia64.rpm samba-client-3.0.33-3.7.el5_3.4.ia64.rpm samba-common-3.0.33-3.7.el5_3.4.ia64.rpm samba-debuginfo-3.0.33-3.7.el5_3.4.ia64.rpm samba-swat-3.0.33-3.7.el5_3.4.ia64.rpm
x86_64: samba-3.0.33-3.7.el5_3.4.x86_64.rpm samba-client-3.0.33-3.7.el5_3.4.x86_64.rpm samba-common-3.0.33-3.7.el5_3.4.i386.rpm samba-common-3.0.33-3.7.el5_3.4.x86_64.rpm samba-debuginfo-3.0.33-3.7.el5_3.4.i386.rpm samba-debuginfo-3.0.33-3.7.el5_3.4.x86_64.rpm samba-swat-3.0.33-3.7.el5_3.4.x86_64.rpm
Red Hat Enterprise Linux EUS (v. 5.6 server):
Source: samba-3.0.33-3.29.el5_6.4.src.rpm
i386: libsmbclient-3.0.33-3.29.el5_6.4.i386.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.i386.rpm samba-3.0.33-3.29.el5_6.4.i386.rpm samba-client-3.0.33-3.29.el5_6.4.i386.rpm samba-common-3.0.33-3.29.el5_6.4.i386.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.i386.rpm samba-swat-3.0.33-3.29.el5_6.4.i386.rpm
ia64: libsmbclient-3.0.33-3.29.el5_6.4.ia64.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.ia64.rpm samba-3.0.33-3.29.el5_6.4.ia64.rpm samba-client-3.0.33-3.29.el5_6.4.ia64.rpm samba-common-3.0.33-3.29.el5_6.4.ia64.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.ia64.rpm samba-swat-3.0.33-3.29.el5_6.4.ia64.rpm
ppc: libsmbclient-3.0.33-3.29.el5_6.4.ppc.rpm libsmbclient-3.0.33-3.29.el5_6.4.ppc64.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.ppc.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.ppc64.rpm samba-3.0.33-3.29.el5_6.4.ppc.rpm samba-client-3.0.33-3.29.el5_6.4.ppc.rpm samba-common-3.0.33-3.29.el5_6.4.ppc.rpm samba-common-3.0.33-3.29.el5_6.4.ppc64.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.ppc.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.ppc64.rpm samba-swat-3.0.33-3.29.el5_6.4.ppc.rpm
s390x: libsmbclient-3.0.33-3.29.el5_6.4.s390.rpm libsmbclient-3.0.33-3.29.el5_6.4.s390x.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.s390.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.s390x.rpm samba-3.0.33-3.29.el5_6.4.s390x.rpm samba-client-3.0.33-3.29.el5_6.4.s390x.rpm samba-common-3.0.33-3.29.el5_6.4.s390.rpm samba-common-3.0.33-3.29.el5_6.4.s390x.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.s390.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.s390x.rpm samba-swat-3.0.33-3.29.el5_6.4.s390x.rpm
x86_64: libsmbclient-3.0.33-3.29.el5_6.4.i386.rpm libsmbclient-3.0.33-3.29.el5_6.4.x86_64.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.i386.rpm libsmbclient-devel-3.0.33-3.29.el5_6.4.x86_64.rpm samba-3.0.33-3.29.el5_6.4.x86_64.rpm samba-client-3.0.33-3.29.el5_6.4.x86_64.rpm samba-common-3.0.33-3.29.el5_6.4.i386.rpm samba-common-3.0.33-3.29.el5_6.4.x86_64.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.i386.rpm samba-debuginfo-3.0.33-3.29.el5_6.4.x86_64.rpm samba-swat-3.0.33-3.29.el5_6.4.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.33-3.38.el5_8.src.rpm
i386: libsmbclient-3.0.33-3.38.el5_8.i386.rpm libsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm samba-3.0.33-3.38.el5_8.i386.rpm samba-client-3.0.33-3.38.el5_8.i386.rpm samba-common-3.0.33-3.38.el5_8.i386.rpm samba-debuginfo-3.0.33-3.38.el5_8.i386.rpm samba-swat-3.0.33-3.38.el5_8.i386.rpm
ia64: libsmbclient-3.0.33-3.38.el5_8.ia64.rpm libsmbclient-devel-3.0.33-3.38.el5_8.ia64.rpm samba-3.0.33-3.38.el5_8.ia64.rpm samba-client-3.0.33-3.38.el5_8.ia64.rpm samba-common-3.0.33-3.38.el5_8.ia64.rpm samba-debuginfo-3.0.33-3.38.el5_8.ia64.rpm samba-swat-3.0.33-3.38.el5_8.ia64.rpm
ppc: libsmbclient-3.0.33-3.38.el5_8.ppc.rpm libsmbclient-3.0.33-3.38.el5_8.ppc64.rpm libsmbclient-devel-3.0.33-3.38.el5_8.ppc.rpm libsmbclient-devel-3.0.33-3.38.el5_8.ppc64.rpm samba-3.0.33-3.38.el5_8.ppc.rpm samba-client-3.0.33-3.38.el5_8.ppc.rpm samba-common-3.0.33-3.38.el5_8.ppc.rpm samba-common-3.0.33-3.38.el5_8.ppc64.rpm samba-debuginfo-3.0.33-3.38.el5_8.ppc.rpm samba-debuginfo-3.0.33-3.38.el5_8.ppc64.rpm samba-swat-3.0.33-3.38.el5_8.ppc.rpm
s390x: libsmbclient-3.0.33-3.38.el5_8.s390.rpm libsmbclient-3.0.33-3.38.el5_8.s390x.rpm libsmbclient-devel-3.0.33-3.38.el5_8.s390.rpm libsmbclient-devel-3.0.33-3.38.el5_8.s390x.rpm samba-3.0.33-3.38.el5_8.s390x.rpm samba-client-3.0.33-3.38.el5_8.s390x.rpm samba-common-3.0.33-3.38.el5_8.s390.rpm samba-common-3.0.33-3.38.el5_8.s390x.rpm samba-debuginfo-3.0.33-3.38.el5_8.s390.rpm samba-debuginfo-3.0.33-3.38.el5_8.s390x.rpm samba-swat-3.0.33-3.38.el5_8.s390x.rpm
x86_64: libsmbclient-3.0.33-3.38.el5_8.i386.rpm libsmbclient-3.0.33-3.38.el5_8.x86_64.rpm libsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm libsmbclient-devel-3.0.33-3.38.el5_8.x86_64.rpm samba-3.0.33-3.38.el5_8.x86_64.rpm samba-client-3.0.33-3.38.el5_8.x86_64.rpm samba-common-3.0.33-3.38.el5_8.i386.rpm samba-common-3.0.33-3.38.el5_8.x86_64.rpm samba-debuginfo-3.0.33-3.38.el5_8.i386.rpm samba-debuginfo-3.0.33-3.38.el5_8.x86_64.rpm samba-swat-3.0.33-3.38.el5_8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-0870.html https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
Gentoo Linux Security Advisory GLSA 201206-22
http://security.gentoo.org/
Severity: High
Title: Samba: Multiple vulnerabilities
Date: June 24, 2012
Bugs: #290633, #310105, #323785, #332063, #337295, #356917, #382263, #386375, #405551, #411487, #414319
ID: 201206-22
Synopsis
Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges.
Affected packages
-------------------------------------------------------------------
     Package         /   Vulnerable   /   Unaffected
-------------------------------------------------------------------
  1  net-fs/samba        < 3.5.15         >= 3.5.15
Description
Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Furthermore, a local attacker may be able to cause a Denial of Service condition or obtain sensitive information in a Samba credentials file.
Workaround
There is no known workaround at this time.
Resolution
All Samba users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-fs/samba-3.5.15"
References
[ 1 ] CVE-2009-2906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2906
[ 2 ] CVE-2009-2948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2948
[ 3 ] CVE-2010-0728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0728
[ 4 ] CVE-2010-1635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1635
[ 5 ] CVE-2010-1642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1642
[ 6 ] CVE-2010-2063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2063
[ 7 ] CVE-2010-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3069
[ 8 ] CVE-2011-0719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0719
[ 9 ] CVE-2011-1678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1678
[ 10 ] CVE-2011-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2724
[ 11 ] CVE-2012-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0870
[ 12 ] CVE-2012-1182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1182
[ 13 ] CVE-2012-2111 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2111
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-22.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
"model": "enterprise linux es 4.5.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5.4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.10" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.2" }, { "model": "3.0.20b", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3" }, { "model": "enterprise linux es 4.7.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "pre2", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.25" }, { "model": "3.0.21b", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "3.0.21c", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.7" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.35" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "3.0.21a", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.3" }, { "model": 
"samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.21" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.19" }, { "model": "rc3", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.25" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.5" }, { "model": "hat enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.11" }, { "model": "linux enterprise sdk sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.14" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.12" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2" }, { "model": "c", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.21" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.9" }, { "model": "linux enterprise desktop sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", 
"version": "4" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.22" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.8" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.9" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.3" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.12" }, { "model": "3.0.23b", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "messaging storage server sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.17" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.29" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.33" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.6" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.23" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.1" }, { "model": "3.0.20a", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.20" }, { "model": "d", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.23" }, { 
"model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.21" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.13" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.7" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.16" }, { "model": "c", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.23" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.11" }, { "model": "enterprise linux desktop version", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.7" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.32" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.27" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.31" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.28" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.2" }, { "model": "enterprise linux 5.2.z server", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "linux enterprise sdk sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": 
null }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.8" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "4" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.1" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.7" }, { "model": "b", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.20" }, { "model": "enterprise linux es 4.9.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.26" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "in motion blackberry playbook tablet software", "scope": "ne", "trust": 0.3, "vendor": "research", "version": "2.0.0.7971" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0" }, { "model": "rc2", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.25" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.16" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.13" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": 
"-r1", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.4" }, { "model": "3.0.14a", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "hat enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5.7" }, { "model": "enterprise linux es 4.6.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.37" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.15" }, { "model": "3.0.23d", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.4" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.15" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.24" }, { "model": "message networking sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.6" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "12.1" }, { "model": "a", 
"scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.14" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.25" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.18" }, { "model": "linux enterprise server for vmware sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.36" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.4" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.27" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "3.0.26a", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "core", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0.1" }, { "model": "messaging storage server sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.14" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.4" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.6" }, { "model": "enterprise linux client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.3" }, 
{ "model": "3.0.23c", "scope": null, "trust": 0.3, "vendor": "samba", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.30" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "enterprise linux es 4.8.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "hat desktop workstation", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "messaging storage server sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.11" }, { "model": "b", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.21" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.9" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.25" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.23" }, { "model": "enterprise linux 5.3.z server", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.34" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5.1" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.0.20" }, { "model": "hat enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "4" }, { "model": "samba", 
"scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.2.5" }, { "model": "samba", "scope": "eq", "trust": 0.3, "vendor": "samba", "version": "3.3.15" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.2" }, { "model": "suse core for", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9x86" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" }, { "db": "BID", "id": "52103" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "CNNVD", "id": "CNNVD-201202-439" }, { "db": "NVD", "id": "CVE-2012-0870" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.7.2942:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.7.3312:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.8.6067:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:h:rim:blackberry_playbook_tablet:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.8.4985:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:rim:blackberry_playbook_os:1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-0870" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Andy Davis of NGS Secure", "sources": [ { "db": "BID", "id": "52103" } ], "trust": 0.3 }, "cve": "CVE-2012-0870", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 5.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, 
"obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.9, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-0870", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2012-9013", "impactScore": 8.5, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-0870", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2012-9013", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201202-439", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULMON", "id": "CVE-2012-0870", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "VULMON", "id": "CVE-2012-0870" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "CNNVD", "id": "CNNVD-201202-439" }, { "db": "NVD", "id": "CVE-2012-0870" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the 
file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. It highlights game, media publishing and collaboration features. The BlackBerry PlayBook Tablet is a tablet from BlackBerry. The Samba service is used for file sharing between the platform computer and the computer, and remote attackers can exploit the vulnerability to gain control over the Wi-Fi file sharing system through the Wi-Fi network. This vulnerability is also affected when the tablet is connected to the computer using USB and if the attacker can physically access the computer. Samba is prone to a heap-based buffer-overflow vulnerability. Failed exploit attempts will result in a denial-of-service condition. \nSamba versions prior to 3.4.0 are affected. ----------------------------------------------------------------------\n\nTITLE:\nSamba Any Batched Request Handling Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA48152\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48152/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48152\n\nRELEASE DATE:\n2012-02-24\n\nDESCRIPTION:\nA vulnerability has been reported in Samba, which can be exploited by\nmalicious people to compromise a vulnerable system. \n\nPROVIDED AND/OR DISCOVERED BY:\nOriginally reported in BlackBerry Tablet OS by Andy Davis, NGS\nSecure. \n\nORIGINAL ADVISORY:\nhttp://www.samba.org/samba/security/CVE-2012-0870\n\n----------------------------------------------------------------------\n\n\n. 
\n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n Mandriva Enterprise Server 5/X86_64:\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFPTQdAmqjQ0CJFipgRAjl5AKCHFXTjEFCIjESHT9QE+lzC/znTUQCeKcKO\ngBbgJhbdLqBQlAb9QBUHTIM=\n=j351\n-----END PGP SIGNATURE-----\n. High Risk Vulnerability in Samba\n\n25 February 2012\n\nAndy Davis of NGS Secure has discovered a high risk vulnerability in the Samba service \n\nImpact: Remote Code Execution\n\nVersions affected: Samba versions up to 3.4.0\n\nMore details about this vulnerability and how to obtain software updates can be found here:\nhttp://www.samba.org/samba/security/CVE-2012-0870\n\nNGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. 
This reflects the NGS Secure approach to responsible disclosure. \n\nNGS Secure Research\nhttp://www.ngssecure.com\n. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\nconduct cross-site scripting attacks. ============================================================================\nUbuntu Security Notice USN-1374-1\nFebruary 24, 2012\n\nsamba vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 8.04 LTS\n\nSummary:\n\nSamba could be made to crash or run programs if it received specially\ncrafted network traffic. \n\nSoftware Description:\n- samba: SMB/CIFS file, print, and login server for Unix\n\nDetails:\n\nAndy Davis discovered that Samba incorrectly handled certain AndX offsets. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 8.04 LTS:\n samba 3.0.28a-1ubuntu4.17\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: samba security update\nAdvisory ID: RHSA-2012:0332-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0332.html\nIssue date: 2012-02-23\nCVE Names: CVE-2012-0870 \n=====================================================================\n\n1. Summary:\n\nUpdated samba packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 5.3 Long\nLife, and 5.6 Extended Update Support. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. 
A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop version 4 - i386, x86_64\nRed Hat Enterprise Linux ES version 4 - i386, ia64, x86_64\nRed Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Long Life (v. 5.3 server) - i386, ia64, x86_64\nRed Hat Enterprise Linux WS version 4 - i386, ia64, x86_64\n\n3. Description:\n\nSamba is a suite of programs used by machines to share files, printers, and\nother information. \n\nAn input validation flaw was found in the way Samba handled Any Batched\n(AndX) requests. A remote, unauthenticated attacker could send a\nspecially-crafted SMB packet to the Samba server, possibly resulting in\narbitrary code execution with the privileges of the Samba server (root). \n(CVE-2012-0870)\n\nRed Hat would like to thank the Samba team for reporting this issue. \nUpstream acknowledges Andy Davis of NGS Secure as the original reporter. \n\nUsers of Samba are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing this\nupdate, the smb service will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. 
Bugs fixed (http://bugzilla.redhat.com/):\n\n795509 - CVE-2012-0870 samba: Any Batched (\"AndX\") request processing infinite recursion and heap-based buffer overflow\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm\n\ni386:\nsamba-3.0.33-0.35.el4.i386.rpm\nsamba-client-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-swat-3.0.33-0.35.el4.i386.rpm\n\nia64:\nsamba-3.0.33-0.35.el4.ia64.rpm\nsamba-client-3.0.33-0.35.el4.ia64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.ia64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.ia64.rpm\nsamba-swat-3.0.33-0.35.el4.ia64.rpm\n\nppc:\nsamba-3.0.33-0.35.el4.ppc.rpm\nsamba-client-3.0.33-0.35.el4.ppc.rpm\nsamba-common-3.0.33-0.35.el4.ppc.rpm\nsamba-common-3.0.33-0.35.el4.ppc64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.ppc.rpm\nsamba-debuginfo-3.0.33-0.35.el4.ppc64.rpm\nsamba-swat-3.0.33-0.35.el4.ppc.rpm\n\ns390:\nsamba-3.0.33-0.35.el4.s390.rpm\nsamba-client-3.0.33-0.35.el4.s390.rpm\nsamba-common-3.0.33-0.35.el4.s390.rpm\nsamba-debuginfo-3.0.33-0.35.el4.s390.rpm\nsamba-swat-3.0.33-0.35.el4.s390.rpm\n\ns390x:\nsamba-3.0.33-0.35.el4.s390x.rpm\nsamba-client-3.0.33-0.35.el4.s390x.rpm\nsamba-common-3.0.33-0.35.el4.s390.rpm\nsamba-common-3.0.33-0.35.el4.s390x.rpm\nsamba-debuginfo-3.0.33-0.35.el4.s390.rpm\nsamba-debuginfo-3.0.33-0.35.el4.s390x.rpm\nsamba-swat-3.0.33-0.35.el4.s390x.rpm\n\nx86_64:\nsamba-3.0.33-0.35.el4.x86_64.rpm\nsamba-client-3.0.33-0.35.el4.x86_64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.x86_64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.x86_64.rpm\nsamba-swat-3.0.33-0.35.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop version 
4:\n\nSource:\nftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm\n\ni386:\nsamba-3.0.33-0.35.el4.i386.rpm\nsamba-client-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-swat-3.0.33-0.35.el4.i386.rpm\n\nx86_64:\nsamba-3.0.33-0.35.el4.x86_64.rpm\nsamba-client-3.0.33-0.35.el4.x86_64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.x86_64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.x86_64.rpm\nsamba-swat-3.0.33-0.35.el4.x86_64.rpm\n\nRed Hat Enterprise Linux ES version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm\n\ni386:\nsamba-3.0.33-0.35.el4.i386.rpm\nsamba-client-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-swat-3.0.33-0.35.el4.i386.rpm\n\nia64:\nsamba-3.0.33-0.35.el4.ia64.rpm\nsamba-client-3.0.33-0.35.el4.ia64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.ia64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.ia64.rpm\nsamba-swat-3.0.33-0.35.el4.ia64.rpm\n\nx86_64:\nsamba-3.0.33-0.35.el4.x86_64.rpm\nsamba-client-3.0.33-0.35.el4.x86_64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.x86_64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.x86_64.rpm\nsamba-swat-3.0.33-0.35.el4.x86_64.rpm\n\nRed Hat Enterprise Linux WS version 
4:\n\nSource:\nftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.33-0.35.el4.src.rpm\n\ni386:\nsamba-3.0.33-0.35.el4.i386.rpm\nsamba-client-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-swat-3.0.33-0.35.el4.i386.rpm\n\nia64:\nsamba-3.0.33-0.35.el4.ia64.rpm\nsamba-client-3.0.33-0.35.el4.ia64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.ia64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.ia64.rpm\nsamba-swat-3.0.33-0.35.el4.ia64.rpm\n\nx86_64:\nsamba-3.0.33-0.35.el4.x86_64.rpm\nsamba-client-3.0.33-0.35.el4.x86_64.rpm\nsamba-common-3.0.33-0.35.el4.i386.rpm\nsamba-common-3.0.33-0.35.el4.x86_64.rpm\nsamba-debuginfo-3.0.33-0.35.el4.i386.rpm\nsamba-debuginfo-3.0.33-0.35.el4.x86_64.rpm\nsamba-swat-3.0.33-0.35.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.33-3.38.el5_8.src.rpm\n\ni386:\nlibsmbclient-3.0.33-3.38.el5_8.i386.rpm\nsamba-3.0.33-3.38.el5_8.i386.rpm\nsamba-client-3.0.33-3.38.el5_8.i386.rpm\nsamba-common-3.0.33-3.38.el5_8.i386.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.i386.rpm\nsamba-swat-3.0.33-3.38.el5_8.i386.rpm\n\nx86_64:\nlibsmbclient-3.0.33-3.38.el5_8.i386.rpm\nlibsmbclient-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-client-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-common-3.0.33-3.38.el5_8.i386.rpm\nsamba-common-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.i386.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-swat-3.0.33-3.38.el5_8.x86_64.rpm\n\nRHEL Desktop Workstation (v. 
5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.33-3.38.el5_8.src.rpm\n\ni386:\nlibsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.i386.rpm\n\nx86_64:\nlibsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.i386.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.x86_64.rpm\n\nRed Hat Enterprise Linux Long Life (v. 5.3 server):\n\nSource:\nsamba-3.0.33-3.7.el5_3.4.src.rpm\n\ni386:\nsamba-3.0.33-3.7.el5_3.4.i386.rpm\nsamba-client-3.0.33-3.7.el5_3.4.i386.rpm\nsamba-common-3.0.33-3.7.el5_3.4.i386.rpm\nsamba-debuginfo-3.0.33-3.7.el5_3.4.i386.rpm\nsamba-swat-3.0.33-3.7.el5_3.4.i386.rpm\n\nia64:\nsamba-3.0.33-3.7.el5_3.4.ia64.rpm\nsamba-client-3.0.33-3.7.el5_3.4.ia64.rpm\nsamba-common-3.0.33-3.7.el5_3.4.ia64.rpm\nsamba-debuginfo-3.0.33-3.7.el5_3.4.ia64.rpm\nsamba-swat-3.0.33-3.7.el5_3.4.ia64.rpm\n\nx86_64:\nsamba-3.0.33-3.7.el5_3.4.x86_64.rpm\nsamba-client-3.0.33-3.7.el5_3.4.x86_64.rpm\nsamba-common-3.0.33-3.7.el5_3.4.i386.rpm\nsamba-common-3.0.33-3.7.el5_3.4.x86_64.rpm\nsamba-debuginfo-3.0.33-3.7.el5_3.4.i386.rpm\nsamba-debuginfo-3.0.33-3.7.el5_3.4.x86_64.rpm\nsamba-swat-3.0.33-3.7.el5_3.4.x86_64.rpm\n\nRed Hat Enterprise Linux EUS (v. 
5.6 server):\n\nSource:\nsamba-3.0.33-3.29.el5_6.4.src.rpm\n\ni386:\nlibsmbclient-3.0.33-3.29.el5_6.4.i386.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-client-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-common-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-swat-3.0.33-3.29.el5_6.4.i386.rpm\n\nia64:\nlibsmbclient-3.0.33-3.29.el5_6.4.ia64.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.ia64.rpm\nsamba-3.0.33-3.29.el5_6.4.ia64.rpm\nsamba-client-3.0.33-3.29.el5_6.4.ia64.rpm\nsamba-common-3.0.33-3.29.el5_6.4.ia64.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.ia64.rpm\nsamba-swat-3.0.33-3.29.el5_6.4.ia64.rpm\n\nppc:\nlibsmbclient-3.0.33-3.29.el5_6.4.ppc.rpm\nlibsmbclient-3.0.33-3.29.el5_6.4.ppc64.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.ppc.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.ppc64.rpm\nsamba-3.0.33-3.29.el5_6.4.ppc.rpm\nsamba-client-3.0.33-3.29.el5_6.4.ppc.rpm\nsamba-common-3.0.33-3.29.el5_6.4.ppc.rpm\nsamba-common-3.0.33-3.29.el5_6.4.ppc64.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.ppc.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.ppc64.rpm\nsamba-swat-3.0.33-3.29.el5_6.4.ppc.rpm\n\ns390x:\nlibsmbclient-3.0.33-3.29.el5_6.4.s390.rpm\nlibsmbclient-3.0.33-3.29.el5_6.4.s390x.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.s390.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.s390x.rpm\nsamba-3.0.33-3.29.el5_6.4.s390x.rpm\nsamba-client-3.0.33-3.29.el5_6.4.s390x.rpm\nsamba-common-3.0.33-3.29.el5_6.4.s390.rpm\nsamba-common-3.0.33-3.29.el5_6.4.s390x.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.s390.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.s390x.rpm\nsamba-swat-3.0.33-3.29.el5_6.4.s390x.rpm\n\nx86_64:\nlibsmbclient-3.0.33-3.29.el5_6.4.i386.rpm\nlibsmbclient-3.0.33-3.29.el5_6.4.x86_64.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.i386.rpm\nlibsmbclient-devel-3.0.33-3.29.el5_6.4.x86_64.rpm\nsamba-3.0.33-3.29.el5_6.4.x86_64.rpm\nsamba-client-3.0.33-3.29.el5_6.4.x86_64.rpm\nsamba-common-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-com
mon-3.0.33-3.29.el5_6.4.x86_64.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.i386.rpm\nsamba-debuginfo-3.0.33-3.29.el5_6.4.x86_64.rpm\nsamba-swat-3.0.33-3.29.el5_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.33-3.38.el5_8.src.rpm\n\ni386:\nlibsmbclient-3.0.33-3.38.el5_8.i386.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.i386.rpm\nsamba-3.0.33-3.38.el5_8.i386.rpm\nsamba-client-3.0.33-3.38.el5_8.i386.rpm\nsamba-common-3.0.33-3.38.el5_8.i386.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.i386.rpm\nsamba-swat-3.0.33-3.38.el5_8.i386.rpm\n\nia64:\nlibsmbclient-3.0.33-3.38.el5_8.ia64.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.ia64.rpm\nsamba-3.0.33-3.38.el5_8.ia64.rpm\nsamba-client-3.0.33-3.38.el5_8.ia64.rpm\nsamba-common-3.0.33-3.38.el5_8.ia64.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.ia64.rpm\nsamba-swat-3.0.33-3.38.el5_8.ia64.rpm\n\nppc:\nlibsmbclient-3.0.33-3.38.el5_8.ppc.rpm\nlibsmbclient-3.0.33-3.38.el5_8.ppc64.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.ppc.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.ppc64.rpm\nsamba-3.0.33-3.38.el5_8.ppc.rpm\nsamba-client-3.0.33-3.38.el5_8.ppc.rpm\nsamba-common-3.0.33-3.38.el5_8.ppc.rpm\nsamba-common-3.0.33-3.38.el5_8.ppc64.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.ppc.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.ppc64.rpm\nsamba-swat-3.0.33-3.38.el5_8.ppc.rpm\n\ns390x:\nlibsmbclient-3.0.33-3.38.el5_8.s390.rpm\nlibsmbclient-3.0.33-3.38.el5_8.s390x.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.s390.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.s390x.rpm\nsamba-3.0.33-3.38.el5_8.s390x.rpm\nsamba-client-3.0.33-3.38.el5_8.s390x.rpm\nsamba-common-3.0.33-3.38.el5_8.s390.rpm\nsamba-common-3.0.33-3.38.el5_8.s390x.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.s390.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.s390x.rpm\nsamba-swat-3.0.33-3.38.el5_8.s390x.rpm\n\nx86_64:\nlibsmbclient-3.0.33-3.38.el5_8.i386.rpm\nlibsmbclient-3.0.33-3.38.el5_8.x86_64.rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.i386.
rpm\nlibsmbclient-devel-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-client-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-common-3.0.33-3.38.el5_8.i386.rpm\nsamba-common-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.i386.rpm\nsamba-debuginfo-3.0.33-3.38.el5_8.x86_64.rpm\nsamba-swat-3.0.33-3.38.el5_8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-0870.html\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFPRq5BXlSAg2UNWIIRAi8UAKCeG0OK/toZruQMW71pNgX/9EFWJACfWhgR\n2fYxfIbc/dSB94Bi22p/vW4=\n=Pybf\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201206-22\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Samba: Multiple vulnerabilities\n Date: June 24, 2012\n Bugs: #290633, #310105, #323785, #332063, #337295, #356917,\n #382263, #386375, #405551, #411487, #414319\n ID: 201206-22\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Samba, the worst of which\nmay allow execution of arbitrary code with root privileges. 
\n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-fs/samba \u003c 3.5.15 \u003e= 3.5.15\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Samba. Please review\nthe CVE identifiers referenced below for details. Furthermore, a local attacker\nmay be able to cause a Denial of Service condition or obtain sensitive\ninformation in a Samba credentials file. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Samba users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-fs/samba-3.5.15\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-2906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2906\n[ 2 ] CVE-2009-2948\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2948\n[ 3 ] CVE-2010-0728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0728\n[ 4 ] CVE-2010-1635\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1635\n[ 5 ] CVE-2010-1642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1642\n[ 6 ] CVE-2010-2063\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2063\n[ 7 ] CVE-2010-3069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3069\n[ 8 ] CVE-2011-0719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0719\n[ 9 ] CVE-2011-1678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1678\n[ 10 ] CVE-2011-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2724\n[ 11 ] CVE-2012-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0870\n[ 12 ] CVE-2012-1182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1182\n[ 13 ] CVE-2012-2111\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2111\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n 
http://security.gentoo.org/glsa/glsa-201206-22.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2012-0870" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" }, { "db": "BID", "id": "52103" }, { "db": "VULMON", "id": "CVE-2012-0870" }, { "db": "PACKETSTORM", "id": "110204" }, { "db": "PACKETSTORM", "id": "110292" }, { "db": "PACKETSTORM", "id": "110243" }, { "db": "PACKETSTORM", "id": "110098" }, { "db": "PACKETSTORM", "id": "110182" }, { "db": "PACKETSTORM", "id": "110140" }, { "db": "PACKETSTORM", "id": "114137" } ], "trust": 3.69 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-0870", "trust": 4.0 }, { "db": "SECUNIA", "id": "48186", "trust": 1.7 }, { "db": "SECUNIA", "id": "48844", "trust": 1.7 }, { "db": "SECUNIA", "id": "48116", "trust": 1.7 }, { "db": "SECUNIA", "id": "48879", "trust": 1.7 }, { "db": "BID", "id": "52103", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2011-003692", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2012-9013", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2012-0808", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201202-439", "trust": 0.6 }, { "db": "SECUNIA", "id": 
"48152", "trust": 0.2 }, { "db": "VULMON", "id": "CVE-2012-0870", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110204", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110292", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110243", "trust": 0.1 }, { "db": "SECUNIA", "id": "48066", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110098", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110182", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110140", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114137", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" }, { "db": "VULMON", "id": "CVE-2012-0870" }, { "db": "BID", "id": "52103" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "PACKETSTORM", "id": "110204" }, { "db": "PACKETSTORM", "id": "110292" }, { "db": "PACKETSTORM", "id": "110243" }, { "db": "PACKETSTORM", "id": "110098" }, { "db": "PACKETSTORM", "id": "110182" }, { "db": "PACKETSTORM", "id": "110140" }, { "db": "PACKETSTORM", "id": "114137" }, { "db": "CNNVD", "id": "CNNVD-201202-439" }, { "db": "NVD", "id": "CVE-2012-0870" } ] }, "id": "VAR-201202-0323", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" } ], "trust": 1.60370372 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" } ] }, "last_update_date": "2024-07-23T19:54:14.463000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", 
"data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APPLE-SA-2012-05-09-1", "trust": 0.8, "url": "http://lists.apple.com/archives/security-announce/2012/may/msg00001.html" }, { "title": "HT5281", "trust": 0.8, "url": "http://support.apple.com/kb/ht5281" }, { "title": "HT5281", "trust": 0.8, "url": "http://support.apple.com/kb/ht5281?viewlocale=ja_jp" }, { "title": "Bug 795509", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=795509" }, { "title": "CVE-2012-0870", "trust": 0.8, "url": "http://www.samba.org/samba/security/cve-2012-0870.html" }, { "title": "KB29565", "trust": 0.8, "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb29565" }, { "title": "CVE-2012-0870 Buffer overflow vulnerability in Samba", "trust": 0.8, "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0870_buffer_overflow" }, { "title": "Patch for BlackBerry PlayBook remote code execution vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/34068" }, { "title": "Patch for BlackBerry PlayBook Tablet Samba File Sharing Remote Code Execution Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/10751" }, { "title": "Samba Buffer error vulnerability fix", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234413" }, { "title": "Red Hat: Critical: samba security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120332 - security advisory" }, { "title": "Ubuntu Security Notice: samba vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1374-1" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" }, { "db": "VULMON", "id": "CVE-2012-0870" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" 
}, { "db": "CNNVD", "id": "CNNVD-201202-439" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "NVD", "id": "CVE-2012-0870" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb29565" }, { "trust": 2.0, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=795509" }, { "trust": 1.8, "url": "http://www.ubuntu.com/usn/usn-1374-1" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48116" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48186" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5281" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/may/msg00001.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48844" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48879" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73361" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html" }, { "trust": 1.1, "url": "http://www.samba.org/samba/security/cve-2012-0870" }, { "trust": 0.9, "url": 
"http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0870" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu692779/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0870" }, { "trust": 0.7, "url": "https://access.redhat.com/errata/rhsa-2012:0332" }, { "trust": 0.6, "url": "http://web.nvd.nist.gov/view/vuln/search-results?query=cve-2012-0870" }, { "trust": 0.6, "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2012-0870" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0870" }, { "trust": 0.4, "url": "https://rhn.redhat.com/errata/rhsa-2012-0332.html" }, { "trust": 0.3, "url": "http://www.samba.org" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://www.rsaconference.com/events/2012/usa/index.htm" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/1374-1/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.securityfocus.com/bid/52103" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48152" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48152/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48152/" }, { "trust": 0.1, "url": "http://www.mandriva.com/security/" }, { "trust": 0.1, "url": 
"http://www.mandriva.com/security/advisories" }, { "trust": 0.1, "url": "http://www.ngssecure.com" }, { "trust": 0.1, "url": "http://www.debian.org/security/2012/dsa-2414" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48066" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48066/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48066/" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/samba/3.0.28a-1ubuntu4.17" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0870.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2948" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0728" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2906" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2111" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1642" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2724" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3069" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0719" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2063" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1678" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201206-22.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0870" }, { "trust": 0.1, "url": 
"https://nvd.nist.gov/vuln/detail/cve-2010-0728" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1635" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2906" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0719" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2724" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1182" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1635" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1642" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1182" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2948" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1678" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2063" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3069" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." 
}, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2111" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" }, { "db": "VULMON", "id": "CVE-2012-0870" }, { "db": "BID", "id": "52103" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "PACKETSTORM", "id": "110204" }, { "db": "PACKETSTORM", "id": "110292" }, { "db": "PACKETSTORM", "id": "110243" }, { "db": "PACKETSTORM", "id": "110098" }, { "db": "PACKETSTORM", "id": "110182" }, { "db": "PACKETSTORM", "id": "110140" }, { "db": "PACKETSTORM", "id": "114137" }, { "db": "CNNVD", "id": "CNNVD-201202-439" }, { "db": "NVD", "id": "CVE-2012-0870" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2012-9013" }, { "db": "CNVD", "id": "CNVD-2012-0808" }, { "db": "VULMON", "id": "CVE-2012-0870" }, { "db": "BID", "id": "52103" }, { "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "db": "PACKETSTORM", "id": "110204" }, { "db": "PACKETSTORM", "id": "110292" }, { "db": "PACKETSTORM", "id": "110243" }, { "db": "PACKETSTORM", "id": "110098" }, { "db": "PACKETSTORM", "id": "110182" }, { "db": "PACKETSTORM", "id": "110140" }, { "db": "PACKETSTORM", "id": "114137" }, { "db": "CNNVD", "id": "CNNVD-201202-439" }, { "db": "NVD", "id": "CVE-2012-0870" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-02-24T00:00:00", "db": "CNVD", "id": "CNVD-2012-9013" }, { "date": "2012-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2012-0808" }, { "date": "2012-02-23T00:00:00", "db": "VULMON", "id": "CVE-2012-0870" }, { "date": "2012-02-21T00:00:00", "db": "BID", "id": "52103" }, { "date": "2012-02-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "date": "2012-02-26T09:58:15", "db": "PACKETSTORM", "id": "110204" }, { "date": "2012-02-28T15:18:00", 
"db": "PACKETSTORM", "id": "110292" }, { "date": "2012-02-27T14:22:22", "db": "PACKETSTORM", "id": "110243" }, { "date": "2012-02-22T09:06:52", "db": "PACKETSTORM", "id": "110098" }, { "date": "2012-02-24T22:59:46", "db": "PACKETSTORM", "id": "110182" }, { "date": "2012-02-24T03:48:42", "db": "PACKETSTORM", "id": "110140" }, { "date": "2012-06-24T23:53:49", "db": "PACKETSTORM", "id": "114137" }, { "date": "2012-02-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201202-439" }, { "date": "2012-02-23T12:33:55.407000", "db": "NVD", "id": "CVE-2012-0870" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-02-24T00:00:00", "db": "CNVD", "id": "CNVD-2012-9013" }, { "date": "2012-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2012-0808" }, { "date": "2018-10-30T00:00:00", "db": "VULMON", "id": "CVE-2012-0870" }, { "date": "2012-06-25T13:00:00", "db": "BID", "id": "52103" }, { "date": "2014-03-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003692" }, { "date": "2023-04-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201202-439" }, { "date": "2023-02-13T04:32:52.433000", "db": "NVD", "id": "CVE-2012-0870" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "specific network environment", "sources": [ { "db": "CNNVD", "id": "CNNVD-201202-439" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Samba of smbd Inside process.c Heap-based buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003692" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201202-439" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.