Test Kennung:	1.3.6.1.4.1.25623.1.0.59961
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2007:065 (samba)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2007:065. The samba-suite is an open-source implementation of the SMB protocol. CVE-2007-5398: Secunia Research has reported a bug in function reply_netbios_packet() that allowed remote attackers to execute arbitrary code by sending specially crafted WINS Name Registration requests followed by a WINS Name Query request packet. The exploitable code in samba can only be reached if the option wins support was enabled. CVE-2007-4572: Another bug reported by Secunia Research affected the processing of GETDC mailslot request in nmbd. This error can also be exploited remotely to execute arbitrary code, but only if samba was configured as Primary or Backup Domain Controller. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2007:065 Risk factor : Critical CVSS Score: 9.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5398 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html BugTraq ID: 26455 http://www.securityfocus.com/bid/26455 Bugtraq: 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability (Google Search) http://www.securityfocus.com/archive/1/483744/100/0/threaded Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html Debian Security Information: DSA-1409 (Google Search) http://www.debian.org/security/2007/dsa-1409 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml HPdes Security Advisory: HPSBUX02316 http://marc.info/?l=bugtraq&m=120524782005154&w=2 HPdes Security Advisory: HPSBUX02341 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 HPdes Security Advisory: SSRT071495 HPdes Security Advisory: SSRT080075 http://www.mandriva.com/security/advisories?name=MDKSA-2007:224 http://secunia.com/secunia_research/2007-90/advisory/ http://lists.vmware.com/pipermail/security-announce/2008/000002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811 http://www.redhat.com/support/errata/RHSA-2007-1013.html http://www.redhat.com/support/errata/RHSA-2007-1016.html http://www.redhat.com/support/errata/RHSA-2007-1017.html http://securitytracker.com/id?1018953 http://secunia.com/advisories/27450 http://secunia.com/advisories/27679 http://secunia.com/advisories/27682 http://secunia.com/advisories/27691 http://secunia.com/advisories/27701 http://secunia.com/advisories/27720 http://secunia.com/advisories/27731 http://secunia.com/advisories/27742 http://secunia.com/advisories/27787 http://secunia.com/advisories/27927 http://secunia.com/advisories/28136 http://secunia.com/advisories/28368 http://secunia.com/advisories/29341 http://secunia.com/advisories/30484 http://secunia.com/advisories/30835 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739 http://securityreason.com/securityalert/3372 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1 SuSE Security Announcement: SUSE-SA:2007:065 (Google Search) http://www.novell.com/linux/security/advisories/2007_65_samba.html https://usn.ubuntu.com/544-1/ http://www.vupen.com/english/advisories/2007/3869 http://www.vupen.com/english/advisories/2007/4238 http://www.vupen.com/english/advisories/2008/0064 http://www.vupen.com/english/advisories/2008/0859/references http://www.vupen.com/english/advisories/2008/1712/references http://www.vupen.com/english/advisories/2008/1908 XForce ISS Database: samba-replynetbiospacket-bo(38502) https://exchange.xforce.ibmcloud.com/vulnerabilities/38502 Common Vulnerability Exposure (CVE) ID: CVE-2007-4572 BugTraq ID: 26454 http://www.securityfocus.com/bid/26454 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643 http://securitytracker.com/id?1018954 http://secunia.com/advisories/30736 http://www.ubuntu.com/usn/usn-544-2 http://www.ubuntu.com/usn/usn-617-1 XForce ISS Database: samba-nmbd-bo(38501) https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.