UBUNTU-CVE-2012-6150

Source
https://ubuntu.com/security/CVE-2012-6150
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2012/UBUNTU-CVE-2012-6150.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2012-6150
Related
Published
2013-12-03T00:00:00Z
Modified
2013-12-03T00:00:00Z
Summary
[none]
Details

The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pamwinbind configuration-file mistake.

References

Affected packages

Ubuntu:14.04:LTS / samba

Package

Name
samba
Purl
pkg:deb/ubuntu/samba?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.0.13+dfsg-1ubuntu1

Affected versions

2:3.*

2:3.6.18-1ubuntu3

2:4.*

2:4.0.10+dfsg-4ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libnss-winbind"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libpam-smbpass"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libpam-winbind"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libparse-pidl-perl"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libsmbclient"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libsmbclient-dev"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libsmbsharemodes-dev"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libsmbsharemodes0"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libwbclient-dev"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "libwbclient0"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "python-samba"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "registry-tools"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-common"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-common-bin"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-dbg"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-dev"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-doc"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-dsdb-modules"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-libs"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "samba-testsuite"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "smbclient"
        },
        {
            "binary_version": "2:4.0.13+dfsg-1ubuntu1",
            "binary_name": "winbind"
        }
    ]
}