ID de Prueba:	1.3.6.1.4.1.25623.1.0.63080
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2007-55 (samba)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to samba announced via advisory TLSA-2007-55. Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients. Multiple stack-based buffer overflow vulnerabilities exists in samba. This vulnerabilities may allow remote attackers to execute arbitrary code. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2007-55 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4572 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html BugTraq ID: 26454 http://www.securityfocus.com/bid/26454 Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html Debian Security Information: DSA-1409 (Google Search) http://www.debian.org/security/2007/dsa-1409 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml HPdes Security Advisory: HPSBUX02316 http://marc.info/?l=bugtraq&m=120524782005154&w=2 HPdes Security Advisory: HPSBUX02341 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 HPdes Security Advisory: SSRT071495 HPdes Security Advisory: SSRT080075 http://www.mandriva.com/security/advisories?name=MDKSA-2007:224 http://lists.vmware.com/pipermail/security-announce/2008/000002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643 http://www.redhat.com/support/errata/RHSA-2007-1013.html http://www.redhat.com/support/errata/RHSA-2007-1016.html http://www.redhat.com/support/errata/RHSA-2007-1017.html http://securitytracker.com/id?1018954 http://secunia.com/advisories/27450 http://secunia.com/advisories/27679 http://secunia.com/advisories/27682 http://secunia.com/advisories/27691 http://secunia.com/advisories/27701 http://secunia.com/advisories/27720 http://secunia.com/advisories/27731 http://secunia.com/advisories/27787 http://secunia.com/advisories/27927 http://secunia.com/advisories/28136 http://secunia.com/advisories/28368 http://secunia.com/advisories/29341 http://secunia.com/advisories/30484 http://secunia.com/advisories/30736 http://secunia.com/advisories/30835 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1 SuSE Security Announcement: SUSE-SA:2007:065 (Google Search) http://www.novell.com/linux/security/advisories/2007_65_samba.html https://usn.ubuntu.com/544-1/ http://www.ubuntu.com/usn/usn-544-2 http://www.ubuntu.com/usn/usn-617-1 http://www.vupen.com/english/advisories/2007/3869 http://www.vupen.com/english/advisories/2007/4238 http://www.vupen.com/english/advisories/2008/0064 http://www.vupen.com/english/advisories/2008/0859/references http://www.vupen.com/english/advisories/2008/1712/references http://www.vupen.com/english/advisories/2008/1908 XForce ISS Database: samba-nmbd-bo(38501) https://exchange.xforce.ibmcloud.com/vulnerabilities/38501 Common Vulnerability Exposure (CVE) ID: CVE-2007-5398 BugTraq ID: 26455 http://www.securityfocus.com/bid/26455 Bugtraq: 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability (Google Search) http://www.securityfocus.com/archive/1/483744/100/0/threaded http://secunia.com/secunia_research/2007-90/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811 http://securitytracker.com/id?1018953 http://secunia.com/advisories/27742 http://securityreason.com/securityalert/3372 XForce ISS Database: samba-replynetbiospacket-bo(38502) https://exchange.xforce.ibmcloud.com/vulnerabilities/38502 Common Vulnerability Exposure (CVE) ID: CVE-2007-6015 http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html BugTraq ID: 26791 http://www.securityfocus.com/bid/26791 Bugtraq: 20071210 Secunia Research: Samba "send_mailslot()" Buffer OverflowVulnerability (Google Search) http://www.securityfocus.com/archive/1/484818/100/0/threaded Bugtraq: 20071210 [SECURITY] Buffer overrun in send_mailslot() (Google Search) http://www.securityfocus.com/archive/1/484825/100/0/threaded Bugtraq: 20071210 rPSA-2007-0261-1 samba samba-swat (Google Search) http://www.securityfocus.com/archive/1/484827/100/0/threaded Bugtraq: 20071214 POC for samba send_mailslot() (Google Search) http://www.securityfocus.com/archive/1/485144/100/0/threaded Bugtraq: 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates (Google Search) http://www.securityfocus.com/archive/1/488457/100/0/threaded Cert/CC Advisory: TA08-043B http://www.us-cert.gov/cas/techalerts/TA08-043B.html CERT/CC vulnerability note: VU#438395 http://www.kb.cert.org/vuls/id/438395 Debian Security Information: DSA-1427 (Google Search) http://www.debian.org/security/2007/dsa-1427 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.html http://security.gentoo.org/glsa/glsa-200712-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:244 http://secunia.com/secunia_research/2007-99/advisory/ http://lists.vmware.com/pipermail/security-announce/2008/000005.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11572 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5605 http://www.redhat.com/support/errata/RHSA-2007-1114.html http://www.redhat.com/support/errata/RHSA-2007-1117.html http://www.securitytracker.com/id?1019065 http://secunia.com/advisories/27760 http://secunia.com/advisories/27894 http://secunia.com/advisories/27977 http://secunia.com/advisories/27993 http://secunia.com/advisories/27999 http://secunia.com/advisories/28003 http://secunia.com/advisories/28028 http://secunia.com/advisories/28029 http://secunia.com/advisories/28037 http://secunia.com/advisories/28067 http://secunia.com/advisories/28089 http://secunia.com/advisories/28891 http://secunia.com/advisories/29032 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.451554 http://securityreason.com/securityalert/3438 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1 SuSE Security Announcement: SUSE-SA:2007:068 (Google Search) http://www.novell.com/linux/security/advisories/2007_68_samba.html http://www.ubuntu.com/usn/usn-556-1 http://www.vupen.com/english/advisories/2007/4153 http://www.vupen.com/english/advisories/2008/0495/references http://www.vupen.com/english/advisories/2008/0637 XForce ISS Database: samba-sendmailslot-bo(38965) https://exchange.xforce.ibmcloud.com/vulnerabilities/38965
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.