Test Kennung:	1.3.6.1.4.1.25623.1.0.51408
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2003:624
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory CLA-2003:624. Samba provides SMB/CIFS services (such as file and printer sharing) used by clients compatible with Microsoft Windows(TM). The Digital Defense team found[1] a stack overflow vulnerability in the samba SMB protocol implementation. A remote attacker can exploit this vulnerability to gain root access to a system running a samba server. The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2003-0201 to this issue[2]. Please note this is not a re-edition of the previous samba security update[3]. This vulnerability was independently discovered some days later. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.digitaldefense.net/labs/advisories/DDI-1013.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000615&idioma=en http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:624 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : Critical CVSS Score: 10.0
Querverweis:	BugTraq ID: 7294 Common Vulnerability Exposure (CVE) ID: CVE-2003-0201 http://www.securityfocus.com/bid/7294 Bugtraq: 20030407 Immunix Secured OS 7+ samba update (Google Search) http://marc.info/?l=bugtraq&m=104974612519064&w=2 Bugtraq: 20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise (Google Search) http://marc.info/?l=bugtraq&m=104972664226781&w=2 Bugtraq: 20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08 (Google Search) http://marc.info/?l=bugtraq&m=104981682014565&w=2 Bugtraq: 20030409 GLSA: samba (200304-02) (Google Search) http://marc.info/?l=bugtraq&m=104994564212488&w=2 CERT/CC vulnerability note: VU#267873 http://www.kb.cert.org/vuls/id/267873 Conectiva Linux advisory: CLA-2003:624 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000624 Debian Security Information: DSA-280 (Google Search) http://www.debian.org/security/2003/dsa-280 http://www.mandriva.com/security/advisories?name=MDKSA-2003:044 http://www.digitaldefense.net/labs/advisories/DDI-1013.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2163 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A567 http://www.redhat.com/support/errata/RHSA-2003-137.html SGI Security Advisory: 20030403-01-P ftp://patches.sgi.com/support/free/security/advisories/20030403-01-P SuSE Security Announcement: SuSE-SA:2003:025 (Google Search) http://www.novell.com/linux/security/advisories/2003_025_samba.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.