ID de Prueba:	1.3.6.1.4.1.25623.1.0.68017
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0698
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0698. Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers (SIDs). A malicious client could send a specially-crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-3069) Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0698.html http://www.redhat.com/security/updates/classification/#critical Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3069 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html BugTraq ID: 43212 http://www.securityfocus.com/bid/43212 Bugtraq: 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console (Google Search) http://www.securityfocus.com/archive/1/515055/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html HPdes Security Advisory: HPSBUX02657 http://marc.info/?l=bugtraq&m=130835366526620&w=2 HPdes Security Advisory: SSRT100460 http://www.redhat.com/support/errata/RHSA-2010-0860.html http://www.securitytracker.com/id?1024434 http://secunia.com/advisories/41354 http://secunia.com/advisories/41447 http://secunia.com/advisories/42531 http://secunia.com/advisories/42885 SuSE Security Announcement: SUSE-SR:2010:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://www.ubuntu.com/usn/USN-987-1 http://www.vupen.com/english/advisories/2010/2378 http://www.vupen.com/english/advisories/2010/3126 http://www.vupen.com/english/advisories/2011/0091 XForce ISS Database: samba-sidparse-bo(61773) https://exchange.xforce.ibmcloud.com/vulnerabilities/61773
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.