*** This bug is a security vulnerability *** Public security bug reported:
CVE-2012-1182 was recently made public for a remote, unauthenticated, root code execution flaw in most samba versions 3.0+: https://www.samba.org/samba/security/CVE-2012-1182 I believe Ubuntu's packages to be vulnerable. As the CVE is already public and patches are in the wild, I am flagging this as a security vulnerability but will un-privatize it shortly. ** Affects: samba (Ubuntu) Importance: Undecided Status: New ** Affects: samba (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** Bug watch added: Debian Bug tracker #668309 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668309 ** Also affects: samba (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668309 Importance: Unknown Status: Unknown ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-1182 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/978458 Title: CVE-2012-1182: "root" credential remote code execution To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/978458/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs