 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.51454 |
| Kategorie: | Conectiva Local Security Checks |
| Titel: | Conectiva Security Advisory CLA-2003:734 |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing updates announced in advisory CLA-2003:734. pam_smb is a PAM module that allows applications to authenticate against a SMB server (such as Microsoft Windows(TM) or Samba). A buffer overflow vulnerability has been discovered in the pam_smb module. An attacker can execute arbitrary code in the context of the program using the module by supplying a long password. Remote root access can be gained if remote services such as SSH or FTP are using the module (which is not enabled by default in any application distributed with Conectiva Linux). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0686 to this issue. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:734 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High CVSS Score: 7.5 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2003-0686 Bugtraq: 20030901 GLSA: pam_smb (200309-01) (Google Search) http://marc.info/?l=bugtraq&m=106252769930090&w=2 CERT/CC vulnerability note: VU#680260 http://www.kb.cert.org/vuls/id/680260 Conectiva Linux advisory: CLA-2003:734 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000734 Debian Security Information: DSA-374 (Google Search) http://www.debian.org/security/2003/dsa-374 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A469 http://www.redhat.com/support/errata/RHSA-2003-261.html http://www.redhat.com/support/errata/RHSA-2003-262.html http://secunia.com/advisories/9611 SuSE Security Announcement: SuSE-SA:2003:036 (Google Search) TurboLinux Advisory: TLSA-2003-50 http://www.turbolinux.com/security/TLSA-2003-50.txt |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |