USN-1423-1: Samba vulnerability
13 April 2012
Samba could be made to run programs as the administrator if it received specially crafted network traffic.
Releases
Packages
- samba - SMB/CIFS file, print, and login server for Unix
Details
Brian Gorenc discovered that Samba incorrectly calculated array bounds when
handling remote procedure calls (RPC) over the network. A remote,
unauthenticated attacker could exploit this to execute arbitrary code as the
root user. (CVE-2012-1182)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 8.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
In general, a standard system update will make all the necessary changes.