Ubuntu Security Notice 1434-1 - Ivano Cristofolini discovered that Samba incorrectly handled some Local Security Authority (LSA) remote procedure calls (RPC). A remote, authenticated attacker could exploit this to grant administrative privileges to arbitrary users. The administrative privileges could be used to bypass permission checks performed by the Samba server.
41f1fd4fd196ee10bd6c5b53ff41c4c499e74e7142b4e0c69a1a26d5d475ea7a