Test Kennung:	1.3.6.1.4.1.25623.1.0.58277
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200705-15 (samba)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200705-15. Samba contains multiple vulnerabilities potentially resulting in the execution of arbitrary code with root privileges. Solution: All Samba users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/samba-3.0.24-r2' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200705-15 http://bugs.gentoo.org/show_bug.cgi?id=177029 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2444 BugTraq ID: 23974 http://www.securityfocus.com/bid/23974 Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2444: Local SID/Name Translation Failure Can Result in User Privilege Elevation (Google Search) http://www.securityfocus.com/archive/1/468548/100/0/threaded Bugtraq: 20070515 FLEA-2007-0017-1: samba (Google Search) http://www.securityfocus.com/archive/1/468670/100/0/threaded Debian Security Information: DSA-1291 (Google Search) http://www.debian.org/security/2007/dsa-1291 http://security.gentoo.org/glsa/glsa-200705-15.xml HPdes Security Advisory: HPSBTU02218 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980 HPdes Security Advisory: SSRT071424 http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html http://osvdb.org/34698 http://www.securitytracker.com/id?1018049 http://secunia.com/advisories/25232 http://secunia.com/advisories/25241 http://secunia.com/advisories/25246 http://secunia.com/advisories/25251 http://secunia.com/advisories/25255 http://secunia.com/advisories/25256 http://secunia.com/advisories/25259 http://secunia.com/advisories/25270 http://secunia.com/advisories/25289 http://secunia.com/advisories/25675 http://secunia.com/advisories/25772 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906 http://securityreason.com/securityalert/2701 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 SuSE Security Announcement: SUSE-SA:2007:031 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html http://www.trustix.org/errata/2007/0017/ http://www.ubuntu.com/usn/usn-460-1 http://www.ubuntu.com/usn/usn-460-2 http://www.vupen.com/english/advisories/2007/1805 http://www.vupen.com/english/advisories/2007/2210 http://www.vupen.com/english/advisories/2007/2281 Common Vulnerability Exposure (CVE) ID: CVE-2007-2446 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html BugTraq ID: 23973 http://www.securityfocus.com/bid/23973 BugTraq ID: 24195 http://www.securityfocus.com/bid/24195 BugTraq ID: 24196 http://www.securityfocus.com/bid/24196 BugTraq ID: 24197 http://www.securityfocus.com/bid/24197 BugTraq ID: 24198 http://www.securityfocus.com/bid/24198 BugTraq ID: 25159 http://www.securityfocus.com/bid/25159 Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution (Google Search) http://www.securityfocus.com/archive/1/468542/100/0/threaded Bugtraq: 20070515 ZDI-07-029: Samba lsa_io_privilege_set Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468674/100/0/threaded Bugtraq: 20070515 ZDI-07-030: Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468675/100/0/threaded Bugtraq: 20070515 ZDI-07-031: Samba smb_io_notify_option_type_data Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468673/100/0/threaded Bugtraq: 20070515 ZDI-07-032: Samba sec_io_acl Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468672/100/0/threaded Bugtraq: 20070515 ZDI-07-033: Samba lsa_io_trans_names Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468680/100/0/threaded CERT/CC vulnerability note: VU#773720 http://www.kb.cert.org/vuls/id/773720 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html HPdes Security Advisory: HPSBUX02218 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768 http://www.zerodayinitiative.com/advisories/ZDI-07-029.html http://www.zerodayinitiative.com/advisories/ZDI-07-030.html http://www.zerodayinitiative.com/advisories/ZDI-07-031.html http://www.zerodayinitiative.com/advisories/ZDI-07-032.html http://www.zerodayinitiative.com/advisories/ZDI-07-033.html http://osvdb.org/34699 http://osvdb.org/34731 http://www.osvdb.org/34732 http://osvdb.org/34733 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11415 http://www.redhat.com/support/errata/RHSA-2007-0354.html http://www.securitytracker.com/id?1018050 http://secunia.com/advisories/25257 http://secunia.com/advisories/25391/ http://secunia.com/advisories/25567 http://secunia.com/advisories/26235 http://secunia.com/advisories/26909 http://secunia.com/advisories/27706 http://secunia.com/advisories/28292 http://securityreason.com/securityalert/2702 http://www.vupen.com/english/advisories/2007/2079 http://www.vupen.com/english/advisories/2007/2732 http://www.vupen.com/english/advisories/2007/3229 http://www.vupen.com/english/advisories/2008/0050 XForce ISS Database: samba-lsaioprivilegeset-bo(34309) https://exchange.xforce.ibmcloud.com/vulnerabilities/34309 XForce ISS Database: samba-lsaiotransnames-bo(34316) https://exchange.xforce.ibmcloud.com/vulnerabilities/34316 XForce ISS Database: samba-netdfsiodfsenuminfod-bo(34311) https://exchange.xforce.ibmcloud.com/vulnerabilities/34311 XForce ISS Database: samba-secioacl-bo(34314) https://exchange.xforce.ibmcloud.com/vulnerabilities/34314 XForce ISS Database: samba-smbionotifyoptiontypedata-bo(34312) https://exchange.xforce.ibmcloud.com/vulnerabilities/34312 Common Vulnerability Exposure (CVE) ID: CVE-2007-2447 BugTraq ID: 23972 http://www.securityfocus.com/bid/23972 Bugtraq: 20070513 [SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/468565/100/0/threaded CERT/CC vulnerability note: VU#268336 http://www.kb.cert.org/vuls/id/268336 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534 http://www.osvdb.org/34700 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062 http://www.securitytracker.com/id?1018051 http://secunia.com/advisories/26083 http://securityreason.com/securityalert/2700 SuSE Security Announcement: SUSE-SR:2007:014 (Google Search) http://www.novell.com/linux/security/advisories/2007_14_sr.html
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.