Test Kennung:	1.3.6.1.4.1.25623.1.0.50874
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2001:062 (samba)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to samba announced via advisory MDKSA-2001:062. Michal Zalewski has found a vulnerability in all versions of Samba prior to 2.0.10 where if a client sends an invalid netbios name Samba could be tricked into appending it's log to files writable by root. This can be very dangerous if combined with a symlink created by a local user. Note that the log files must be specified as %m.log in order for this to work, and Mandrake Linux ships Samba by default using log.%m, thus it is not vulnerable out of the box. Affected versions: 7.1, 7.2, 8.0, Corporate Server 1.0.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2001:062 http://us1.samba.org/samba/whatsnew/macroexploit.html http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.