[Bug 978458] [NEW] CVE-2012-1182: "root" credential remote code execution
Ryan Tucker
rtucker at gmail.com
Tue Apr 10 23:58:03 UTC 2012
*** This bug is a security vulnerability ***
Public security bug reported:
CVE-2012-1182 was recently made public for a remote, unauthenticated,
root code execution flaw in most samba versions 3.0+:
https://www.samba.org/samba/security/CVE-2012-1182
I believe Ubuntu's packages to be vulnerable. As the CVE is already
public and patches are in the wild, I am flagging this as a security
vulnerability but will un-privatize it shortly.
** Affects: samba (Ubuntu)
Importance: Undecided
Status: New
** Affects: samba (Debian)
Importance: Unknown
Status: Unknown
** Visibility changed to: Public
** Bug watch added: Debian Bug tracker #668309
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668309
** Also affects: samba (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668309
Importance: Unknown
Status: Unknown
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1182
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/978458
Title:
CVE-2012-1182: "root" credential remote code execution
Status in “samba” package in Ubuntu:
New
Status in “samba” package in Debian:
Unknown
Bug description:
CVE-2012-1182 was recently made public for a remote, unauthenticated,
root code execution flaw in most samba versions 3.0+:
https://www.samba.org/samba/security/CVE-2012-1182
I believe Ubuntu's packages to be vulnerable. As the CVE is already
public and patches are in the wild, I am flagging this as a security
vulnerability but will un-privatize it shortly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/+subscriptions
More information about the foundations-bugs
mailing list