
Test ID: 1.3.6.1.4.1.25623.1.0.54042
Category: SuSE Local Security Checks
Title: SuSE Security Advisory SUSE-SA:2004:040 (samba)
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory SUSE-SA:2004:040.

There is a problem in the Samba file sharing service daemon, which
allows a remote user to have the service consume lots of computing
power and potentially crash the service by querying special wildcarded
filenames.

This attack can be successful if the Samba daemon is running and a
remote user has access to a share (even read only).

The Samba team has issued the new Samba version 3.0.8 to fix this
problem; this update backports the relevant patch.

This issue has been assigned the Mitre CVE ID CVE-2004-0930.

Stefan Esser found a problem in the Unicode string handling of the
Samba file handling code, which could lead to a remote heap buffer
overflow and might allow remote attackers to inject code into the smbd
process.

This issue has been assigned the Mitre CVE ID CVE-2004-0882.

The Samba version 2 packages are not affected by this problem.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2004:040

Risk factor : Critical

CVSS Score:
10.0

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2004-0930
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
BugTraq ID: 11624
http://www.securityfocus.com/bid/11624
Bugtraq: 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability
http://marc.info/?l=bugtraq&m=109993720717957&w=2
Conectiva Linux advisory: CLA-2004:899
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899
http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false
http://www.mandriva.com/security/advisories?name=MDKSA-2004:131
http://marc.info/?l=bugtraq&m=110330519803655&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936
SCO Security Bulletin: SCOSA-2005.17
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
SGI Security Advisory: 20041201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1
SuSE Security Announcement: SUSE-SA:2004:040
http://www.novell.com/linux/security/advisories/2004_40_samba.html
https://www.ubuntu.com/usn/usn-22-1/
XForce ISS Database: samba-msfnmatch-dos(17987)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17987
Common Vulnerability Exposure (CVE) ID: CVE-2004-0882
Bugtraq: 20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow
http://marc.info/?l=bugtraq&m=110054671403755&w=2
Bugtraq: 20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd
http://marc.info/?l=bugtraq&m=110055646329581&w=2
Bugtraq: 20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba)
CERT/CC vulnerability note: VU#457622
http://www.kb.cert.org/vuls/id/457622
Computer Incident Advisory Center Bulletin: P-038
http://www.ciac.org/ciac/bulletins/p-038.shtml
http://security.e-matters.de/advisories/132004.html
http://www.osvdb.org/11782
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969
http://securitytracker.com/id?1012235
http://secunia.com/advisories/13189
http://www.trustix.net/errata/2004/0058/
XForce ISS Database: samba-qfilepathinfo-bo(18070)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18070
Common Vulnerability Exposure (CVE) ID: CVE-2004-1007
XForce ISS Database: bogofilter-dos(17916)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17916
Common Vulnerability Exposure (CVE) ID: CVE-2004-0989
http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html
BugTraq ID: 11526
http://www.securityfocus.com/bid/11526
Bugtraq: 20041026 libxml2 remote buffer overflows (not in xml parsing code though)
http://marc.info/?l=bugtraq&m=109880813013482&w=2
Computer Incident Advisory Center Bulletin: P-029
http://www.ciac.org/ciac/bulletins/p-029.shtml
Conectiva Linux advisory: CLA-2004:890
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000890
Debian Security Information: DSA-582
http://www.debian.org/security/2004/dsa-582
http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml
http://www.osvdb.org/11179
http://www.osvdb.org/11180
http://www.osvdb.org/11324
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173
http://www.redhat.com/support/errata/RHSA-2004-615.html
http://www.redhat.com/support/errata/RHSA-2004-650.html
http://securitytracker.com/id?1011941
http://secunia.com/advisories/13000
SuSE Security Announcement: SUSE-SR:2005:001
http://www.novell.com/linux/security/advisories/2005_01_sr.html
https://www.ubuntu.com/usn/usn-89-1/
XForce ISS Database: libxml2-nanoftp-file-bo(17872)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17872
XForce ISS Database: libxml2-nanohttp-file-bo(17876)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17876
XForce ISS Database: libxml2-xmlnanoftpscanproxy-bo(17875)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17875
XForce ISS Database: libxml2-xmlnanoftpscanurl-bo(17870)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17870
Common Vulnerability Exposure (CVE) ID: CVE-2004-0888
BugTraq ID: 11501
http://www.securityfocus.com/bid/11501
Conectiva Linux advisory: CLA-2004:886
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886
Debian Security Information: DSA-573
http://www.debian.org/security/2004/dsa-573
Debian Security Information: DSA-581
http://www.debian.org/security/2004/dsa-581
Debian Security Information: DSA-599
http://www.debian.org/security/2004/dsa-599
http://marc.info/?l=bugtraq&m=110815379627883&w=2
https://bugzilla.fedora.us/show_bug.cgi?id=2353
http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:113
http://www.mandriva.com/security/advisories?name=MDKSA-2004:114
http://www.mandriva.com/security/advisories?name=MDKSA-2004:115
http://www.mandriva.com/security/advisories?name=MDKSA-2004:116
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714
http://www.redhat.com/support/errata/RHSA-2004-543.html
http://www.redhat.com/support/errata/RHSA-2004-592.html
http://www.redhat.com/support/errata/RHSA-2005-066.html
http://www.redhat.com/support/errata/RHSA-2005-354.html
SuSE Security Announcement: SUSE-SA:2004:039
http://marc.info/?l=bugtraq&m=109880927526773&w=2
https://www.ubuntu.com/usn/usn-9-1/
XForce ISS Database: xpdf-pdf-bo(17818)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17818
Common Vulnerability Exposure (CVE) ID: CVE-2004-0889
XForce ISS Database: xpdf-pdf-file-bo(17819)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17819
Common Vulnerability Exposure (CVE) ID: CVE-2004-0891
https://bugzilla.fedora.us/show_bug.cgi?id=2188
http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790
http://www.redhat.com/support/errata/RHSA-2004-604.html
https://www.ubuntu.com/usn/usn-8-1/
XForce ISS Database: gaim-file-transfer-dos(17790)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17790
XForce ISS Database: gaim-msn-slp-bo(17786)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17786
XForce ISS Database: gaim-msn-slp-dos(17787)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17787
Common Vulnerability Exposure (CVE) ID: CVE-2004-0940
BugTraq ID: 11471
http://www.securityfocus.com/bid/11471
Debian Security Information: DSA-594
http://www.debian.org/security/2004/dsa-594
http://www.mandriva.com/security/advisories?name=MDKSA-2004:134
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
http://marc.info/?l=bugtraq&m=109906660225051&w=2
http://www.redhat.com/support/errata/RHSA-2004-600.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
http://securitytracker.com/id?1011783
http://secunia.com/advisories/12898/
http://secunia.com/advisories/19073
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
http://www.vupen.com/english/advisories/2006/0789
XForce ISS Database: apache-modinclude-bo(17785)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17785
Common Vulnerability Exposure (CVE) ID: CVE-2004-0492
Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)
http://marc.info/?l=bugtraq&m=108711172710140&w=2
CERT/CC vulnerability note: VU#541310
http://www.kb.cert.org/vuls/id/541310
Debian Security Information: DSA-525
http://www.debian.org/security/2004/dsa-525
https://bugzilla.fedora.us/show_bug.cgi?id=1737
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: SSRT090208
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
http://www.guninski.com/modproxy1.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
RedHat Security Advisories: RHSA-2004:245
http://rhn.redhat.com/errata/RHSA-2004-245.html
http://secunia.com/advisories/11841
SGI Security Advisory: 20040605-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
XForce ISS Database: apache-modproxy-contentlength-bo(16387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Common Vulnerability Exposure (CVE) ID: CVE-2004-0885
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 11360
http://www.securityfocus.com/bid/11360
Bugtraq: 20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl)
http://marc.info/?l=bugtraq&m=109786159119069&w=2
HPdes Security Advisory: HPSBUX01123
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384
http://www.redhat.com/support/errata/RHSA-2004-562.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://secunia.com/advisories/19072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://www.ubuntu.com/usn/usn-177-1
XForce ISS Database: apache-sslciphersuite-restriction-bypass(17671)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17671
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
