 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.59013 |
| Kategorie: | Slackware Local Security Checks |
| Titel: | Slackware: Security Advisory (SSA:2007-255-02) |
| Zusammenfassung: | The remote host is missing an update for the 'samba' package(s) announced via the SSA:2007-255-02 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'samba' package(s) announced via the SSA:2007-255-02 advisory. Vulnerability Insight: New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a security issue and various other bugs. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 12.0 ChangeLog: +--------------------------+ patches/packages/samba-3.0.26a-i486-1_slack12.0.tgz: Upgraded to samba-3.0.26a. This fixes a security issue in all Samba 3.0.25 versions: 'Incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin.' For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'samba' package(s) on Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-4138 1018681 http://www.securitytracker.com/id?1018681 20070911 [SECURITY] Winbind's rfc2307 & SFU nss_info plugin in Samba 3.0.25[a-c] assigns users a primary gid of 0 by default http://www.securityfocus.com/archive/1/479078/100/0/threaded 25636 http://www.securityfocus.com/bid/25636 26764 http://secunia.com/advisories/26764 26776 http://secunia.com/advisories/26776 26795 http://secunia.com/advisories/26795 26834 http://secunia.com/advisories/26834 3135 http://securityreason.com/securityalert/3135 ADV-2007-3120 http://www.vupen.com/english/advisories/2007/3120 FEDORA-2007-2145 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00201.html RHSA-2007:1016 http://www.redhat.com/support/errata/RHSA-2007-1016.html RHSA-2007:1017 http://www.redhat.com/support/errata/RHSA-2007-1017.html SSA:2007-255-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.419439 TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://docs.info.apple.com/article.html?artnum=307179 http://www.samba.org/samba/security/CVE-2007-4138.html https://issues.rpath.com/browse/RPL-1705 oval:org.mitre.oval:def:10375 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10375 samba-smb-privilege-escalation(36560) https://exchange.xforce.ibmcloud.com/vulnerabilities/36560 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |