USN-1434-1: Samba vulnerability
1 May 2012
Samba could allow a user to gain administrative privileges to the Samba server.
- samba - SMB/CIFS file, print, and login server for Unix
Ivano Cristofolini discovered that Samba incorrectly handled some Local
Security Authority (LSA) remote procedure calls (RPC). A remote, authenticated
attacker could exploit this to grant administrative privileges to arbitrary
users. The administrative privileges could be used to bypass permission checks
performed by the Samba server.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you may need to review the privileges of Samba