CVE-2012-2111
Description
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the take ownership privilege via an LSA connection.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.255
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Ctdb update (ELSA-2018-3056) ctdb-4.8.3-4.el7.x86_64.rpm | Linux |
| Ctdb-tests update (ELSA-2018-3056) ctdb-tests-4.8.3-4.el7.x86_64.rpm | Linux |
| Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.x86_64.rpm | Linux |
| Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.x86_64.rpm | Linux |
| Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba update (ELSA-2018-3056) samba-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-client update (ELSA-2018-3056) samba-client-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common-libs update (ELSA-2018-3056) samba-common-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common-tools update (ELSA-2018-3056) samba-common-tools-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-dc update (ELSA-2018-3056) samba-dc-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-dc-libs update (ELSA-2018-3056) samba-dc-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-krb5-printing update (ELSA-2018-3056) samba-krb5-printing-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-python update (ELSA-2018-3056) samba-python-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-python-test update (ELSA-2018-3056) samba-python-test-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-test update (ELSA-2018-3056) samba-test-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-vfs-glusterfs update (ELSA-2018-3056) samba-vfs-glusterfs-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind update (ELSA-2018-3056) samba-winbind-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-clients update (ELSA-2018-3056) samba-winbind-clients-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-krb5-locator update (ELSA-2018-3056) samba-winbind-krb5-locator-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.x86_64.rpm | Linux |
| Samba-common update (ELSA-2018-3056) samba-common-4.8.3-4.el7.noarch.rpm | Linux |
| Samba-pidl update (ELSA-2018-3056) samba-pidl-4.8.3-4.el7.noarch.rpm | Linux |
| Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.i686.rpm | Linux |
| Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.i686.rpm | Linux |
| Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.i686.rpm | Linux |
| Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.i686.rpm | Linux |
| Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.i686.rpm | Linux |
| Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.i686.rpm | Linux |
| Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.i686.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234