Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.850203 |
Categoría: | SuSE Local Security Checks |
Título: | openSUSE: Security Advisory for update (openSUSE-SU-2012:0507-1) |
Resumen: | The remote host is missing an update for the 'update'; package(s) announced via the referenced advisory. |
Descripción: | Summary: The remote host is missing an update for the 'update' package(s) announced via the referenced advisory. Vulnerability Insight: - Add the ldapsmb sources as else patches against them have no chance to apply. - Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe- cution as the 'root' user. PIDL based autogenerated code allows overwriting beyond of allocated array. CVE-2012-1182 (bso#8815) (bnc#752797). - s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys (bso#8599). - Correctly handle DENY ACEs when privileges apply (bso#8797). - s3:smb2_server: fix a logic error, we should sign non guest sessions (bso8749). - Allow vfs_aio_pthread to build as a static module (bso#8723). - s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for persistent dbs (#bso8527). - s3: segfault in dom_sid_compare(bso#8567). - Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER (bso#8768). - s3-winbindd: Close netlogon connection if the status returned by the NetrSamLogonEx call is timeout in the pam_auth_crap path (bso#8771). - s3-winbindd: set the can_do_validation6 also for trusted domain (bso#8599). - Fix problem when calculating the share security mask, take privileges into account for the connecting user (bso#8784). - Fix crash in dcerpc_lsa_lookup_sids_noalloc() with over 1000 groups (bso#8807) (bnc#751454). - Remove obsoleted Authors lines from spec file for post-11.2 systems. - Make ldapsmb build with Fedora 15 and 16 (bso#8783). - BuildRequire libuuid-devel for post-11.0 and other systems. - Define missing python macros for non SUSE systems. - PreReq to fillup_prereq and insserv_prereq only on SUSE systems. - Always use cifstab instead of smbfstab on non SUSE systems. - Ensure AndX offsets are increasing strictly monotonically in pre-3.4 versions. CVE-2012-0870 (bnc#747934). - Add SERVERID_UNIQUE_ID_NOT_TO_VERIFY. (bso#8760) (bnc#741854). - s3-printing: fix crash in printer_list_set_printer(). (bso#8762) (bnc#746825). Affected Software/OS: update on openSUSE 12.1 Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-0870 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://secunia.com/advisories/48116 http://secunia.com/advisories/48186 http://secunia.com/advisories/48844 http://secunia.com/advisories/48879 SuSE Security Announcement: SUSE-SU-2012:0337 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00008.html SuSE Security Announcement: SUSE-SU-2012:0338 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00009.html SuSE Security Announcement: SUSE-SU-2012:0502 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html SuSE Security Announcement: SUSE-SU-2012:0515 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html http://www.ubuntu.com/usn/USN-1374-1 XForce ISS Database: blackberry-playbook-samba-code-execution(73361) https://exchange.xforce.ibmcloud.com/vulnerabilities/73361 Common Vulnerability Exposure (CVE) ID: CVE-2012-1182 Debian Security Information: DSA-2450 (Google Search) http://www.debian.org/security/2012/dsa-2450 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078726.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078836.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078258.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080567.html HPdes Security Advisory: HPSBMU02790 http://marc.info/?l=bugtraq&m=133951282306605&w=2 HPdes Security Advisory: HPSBUX02789 http://marc.info/?l=bugtraq&m=134323086902585&w=2 HPdes Security Advisory: SSRT100824 HPdes Security Advisory: SSRT100872 http://www.mandriva.com/security/advisories?name=MDVSA-2012:055 http://www.securitytracker.com/id?1026913 http://secunia.com/advisories/48751 http://secunia.com/advisories/48754 http://secunia.com/advisories/48816 http://secunia.com/advisories/48818 http://secunia.com/advisories/48873 http://secunia.com/advisories/48999 SuSE Security Announcement: SUSE-SU-2012:0501 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00007.html SuSE Security Announcement: SUSE-SU-2012:0504 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00009.html http://www.ubuntu.com/usn/USN-1423-1 |
Copyright | Copyright (C) 2012 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |