Public Date:
1036897: CVE-2012-6150 samba: pam_winbind fails open when non-existent group specified to require_membership_of

The MITRE CVE dictionary describes this issue as:

The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.

Find out more about CVE-2012-6150 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 2.9
Base Metrics AV:A/AC:H/Au:S/C:P/I:P/A:N
Access Vector Adjacent Network
Access Complexity High
Authentication Single
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 5 (samba3x) RHSA-2014:0330 2014-03-25
Red Hat Enterprise Linux version 6 (samba) RHSA-2014:0330 2014-03-25
Red Hat Enterprise Linux version 6 (samba4) RHSA-2014:0383 2014-04-09

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 samba Not affected
Red Hat Enterprise Linux 7 samba Not affected


Red Hat would like to thank Sam Richardson for reporting this issue.