CVE-2011-2467
Published: 19 July 2011
SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands via unspecified vectors.
From the Ubuntu Security Team
It was discovered that an SQL injection vulnerability exists in the Likewise Security Authority (lsass) local authentication provider. A local attacker could use this to gain elevated privileges.
Priority
Status
Package | Release | Status |
---|---|---|
likewise-open Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(5.4.0.42111-2ubuntu1.3)
|
|
maverick |
Released
(5.4.0.42111-2ubuntu2.1)
|
|
natty |
Released
(6.0.0.53010-4ubuntu5.1)
|
|
upstream |
Needs triage
|