ID de Prueba:	1.3.6.1.4.1.25623.1.0.58388
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:104-1 (samba)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to samba announced via advisory MDKSA-2007:104-1. A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server (CVE-2007-2446). A remote authenticated user could trigger a flaw where unescaped user input parameters were being passed as arguments to /bin/sh (CVE-2007-2447). Finally, on Samba 3.0.23d and higher, when Samba translated SID to/from name using the Samba local list of user and group accounts, a logic error in smbd's internal security stack could result in a transition to the root user id rather than the non-root user (CVE-2007-2444). Update: The fix for CVE-2007-2444 broke the behaviour of force group when the forced group is a local Unix group for domain member servers. This update corrects that regression. Affected: 2007.0, 2007.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:104-1 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2446 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html BugTraq ID: 23973 http://www.securityfocus.com/bid/23973 BugTraq ID: 24195 http://www.securityfocus.com/bid/24195 BugTraq ID: 24196 http://www.securityfocus.com/bid/24196 BugTraq ID: 24197 http://www.securityfocus.com/bid/24197 BugTraq ID: 24198 http://www.securityfocus.com/bid/24198 BugTraq ID: 25159 http://www.securityfocus.com/bid/25159 Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution (Google Search) http://www.securityfocus.com/archive/1/468542/100/0/threaded Bugtraq: 20070515 FLEA-2007-0017-1: samba (Google Search) http://www.securityfocus.com/archive/1/468670/100/0/threaded Bugtraq: 20070515 ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468674/100/0/threaded Bugtraq: 20070515 ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468675/100/0/threaded Bugtraq: 20070515 ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468673/100/0/threaded Bugtraq: 20070515 ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468672/100/0/threaded Bugtraq: 20070515 ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468680/100/0/threaded CERT/CC vulnerability note: VU#773720 http://www.kb.cert.org/vuls/id/773720 Debian Security Information: DSA-1291 (Google Search) http://www.debian.org/security/2007/dsa-1291 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200705-15.xml HPdes Security Advisory: HPSBTU02218 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 HPdes Security Advisory: HPSBUX02218 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768 HPdes Security Advisory: SSRT071424 http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 http://www.zerodayinitiative.com/advisories/ZDI-07-029.html http://www.zerodayinitiative.com/advisories/ZDI-07-030.html http://www.zerodayinitiative.com/advisories/ZDI-07-031.html http://www.zerodayinitiative.com/advisories/ZDI-07-032.html http://www.zerodayinitiative.com/advisories/ZDI-07-033.html http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html http://osvdb.org/34699 http://osvdb.org/34731 http://www.osvdb.org/34732 http://osvdb.org/34733 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11415 http://www.redhat.com/support/errata/RHSA-2007-0354.html http://www.securitytracker.com/id?1018050 http://secunia.com/advisories/25232 http://secunia.com/advisories/25241 http://secunia.com/advisories/25246 http://secunia.com/advisories/25251 http://secunia.com/advisories/25255 http://secunia.com/advisories/25256 http://secunia.com/advisories/25257 http://secunia.com/advisories/25259 http://secunia.com/advisories/25270 http://secunia.com/advisories/25289 http://secunia.com/advisories/25391/ http://secunia.com/advisories/25567 http://secunia.com/advisories/25675 http://secunia.com/advisories/25772 http://secunia.com/advisories/26235 http://secunia.com/advisories/26909 http://secunia.com/advisories/27706 http://secunia.com/advisories/28292 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 http://securityreason.com/securityalert/2702 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 SuSE Security Announcement: SUSE-SA:2007:031 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html http://www.trustix.org/errata/2007/0017/ http://www.ubuntu.com/usn/usn-460-1 http://www.vupen.com/english/advisories/2007/1805 http://www.vupen.com/english/advisories/2007/2079 http://www.vupen.com/english/advisories/2007/2210 http://www.vupen.com/english/advisories/2007/2281 http://www.vupen.com/english/advisories/2007/2732 http://www.vupen.com/english/advisories/2007/3229 http://www.vupen.com/english/advisories/2008/0050 XForce ISS Database: samba-lsaioprivilegeset-bo(34309) https://exchange.xforce.ibmcloud.com/vulnerabilities/34309 XForce ISS Database: samba-lsaiotransnames-bo(34316) https://exchange.xforce.ibmcloud.com/vulnerabilities/34316 XForce ISS Database: samba-netdfsiodfsenuminfod-bo(34311) https://exchange.xforce.ibmcloud.com/vulnerabilities/34311 XForce ISS Database: samba-secioacl-bo(34314) https://exchange.xforce.ibmcloud.com/vulnerabilities/34314 XForce ISS Database: samba-smbionotifyoptiontypedata-bo(34312) https://exchange.xforce.ibmcloud.com/vulnerabilities/34312 Common Vulnerability Exposure (CVE) ID: CVE-2007-2447 BugTraq ID: 23972 http://www.securityfocus.com/bid/23972 Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468565/100/0/threaded CERT/CC vulnerability note: VU#268336 http://www.kb.cert.org/vuls/id/268336 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534 http://www.osvdb.org/34700 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062 http://www.securitytracker.com/id?1018051 http://secunia.com/advisories/26083 http://securityreason.com/securityalert/2700 SuSE Security Announcement: SUSE-SR:2007:014 (Google Search) http://www.novell.com/linux/security/advisories/2007_14_sr.html Common Vulnerability Exposure (CVE) ID: CVE-2007-2444 BugTraq ID: 23974 http://www.securityfocus.com/bid/23974 Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation (Google Search) http://www.securityfocus.com/archive/1/468548/100/0/threaded http://osvdb.org/34698 http://www.securitytracker.com/id?1018049 http://securityreason.com/securityalert/2701 http://www.ubuntu.com/usn/usn-460-2
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.