{ "threat_severity" : "Important", "public_date" : "2012-04-30T00:00:00Z", "bugzilla" : { "description" : "samba: Incorrect permission checks when granting/removing privileges", "id" : "813569", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=813569" }, "cvss" : { "cvss_base_score" : "6.0", "cvss_scoring_vector" : "AV:N/AC:M/Au:S/C:P/I:P/A:P", "status" : "verified" }, "details" : [ "The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the \"take ownership\" privilege via an LSA connection." ], "acknowledgement" : "Red Hat would like to thank Samba project for reporting this issue. Upstream acknowledges Ivano Cristofolini as the original reporter.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2012-04-30T00:00:00Z", "advisory" : "RHSA-2012:0533", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "samba3x-0:3.5.10-0.109.el5_8" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2012-04-30T00:00:00Z", "advisory" : "RHSA-2012:0533", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "samba-0:3.5.10-116.el6_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 4", "fix_state" : "Not affected", "package_name" : "samba", "cpe" : "cpe:/o:redhat:enterprise_linux:4" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "samba", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "samba4", "cpe" : "cpe:/o:redhat:enterprise_linux:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-2111\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-2111" ], "name" : "CVE-2012-2111", "csaw" : false }