Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.831433 |
Categoría: | Mandrake Local Security Checks |
Título: | Mandriva Update for samba MDVSA-2011:121 (samba) |
Resumen: | The remote host is missing an update for the 'samba'; package(s) announced via the referenced advisory. |
Descripción: | Summary: The remote host is missing an update for the 'samba' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been discovered and corrected in samba: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT (CVE-2011-2522). All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field (CVE-2011-2694). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct these issues. Affected Software/OS: samba on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2522 BugTraq ID: 48899 http://www.securityfocus.com/bid/48899 Debian Security Information: DSA-2290 (Google Search) http://www.debian.org/security/2011/dsa-2290 http://www.exploit-db.com/exploits/17577 HPdes Security Advisory: HPSBNS02701 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543 HPdes Security Advisory: HPSBUX02768 http://marc.info/?l=bugtraq&m=133527864025056&w=2 HPdes Security Advisory: SSRT100598 HPdes Security Advisory: SSRT100664 http://jvn.jp/en/jp/JVN29529126/index.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:121 http://osvdb.org/74071 http://securitytracker.com/id?1025852 http://secunia.com/advisories/45393 http://secunia.com/advisories/45488 http://secunia.com/advisories/45496 http://securityreason.com/securityalert/8317 http://ubuntu.com/usn/usn-1182-1 XForce ISS Database: samba-swat-csrf(68843) https://exchange.xforce.ibmcloud.com/vulnerabilities/68843 Common Vulnerability Exposure (CVE) ID: CVE-2011-2694 BugTraq ID: 48901 http://www.securityfocus.com/bid/48901 http://jvn.jp/en/jp/JVN63041502/index.html http://osvdb.org/74072 XForce ISS Database: samba-user-xss(68844) https://exchange.xforce.ibmcloud.com/vulnerabilities/68844 |
Copyright | Copyright (c) 2011 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |