English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.59249
Kategorie:Gentoo Local Security Checks
Titel:Gentoo Security Advisory GLSA 200711-29 (samba)
Zusammenfassung:The remote host is missing updates announced in;advisory GLSA 200711-29.
Beschreibung:Summary:
The remote host is missing updates announced in
advisory GLSA 200711-29.

Vulnerability Insight:
Samba contains two buffer overflow vulnerabilities potentially resulting in
the execution of arbitrary code, one of which is currently unfixed.

Solution:
The Samba 3.0.27 ebuild that resolves both vulnerabilities is currently
masked due to a regression in the patch for the second vulnerability.

Since no working patch exists yet, all Samba users should upgrade to
3.0.26a-r2, which contains a fix for the first vulnerability
(CVE-2007-5398):

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-fs/samba-3.0.26a-r2'

An update to this temporary GLSA will be sent when the second
vulnerability will be fixed.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-4572
1018954
http://securitytracker.com/id?1018954
20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://www.securityfocus.com/archive/1/485936/100/0/threaded
20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://www.securityfocus.com/archive/1/486859/100/0/threaded
237764
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
26454
http://www.securityfocus.com/bid/26454
27450
http://secunia.com/advisories/27450
27679
http://secunia.com/advisories/27679
27682
http://secunia.com/advisories/27682
27691
http://secunia.com/advisories/27691
27701
http://secunia.com/advisories/27701
27720
http://secunia.com/advisories/27720
27731
http://secunia.com/advisories/27731
27787
http://secunia.com/advisories/27787
27927
http://secunia.com/advisories/27927
28136
http://secunia.com/advisories/28136
28368
http://secunia.com/advisories/28368
29341
http://secunia.com/advisories/29341
30484
http://secunia.com/advisories/30484
30736
http://secunia.com/advisories/30736
30835
http://secunia.com/advisories/30835
ADV-2007-3869
http://www.vupen.com/english/advisories/2007/3869
ADV-2007-4238
http://www.vupen.com/english/advisories/2007/4238
ADV-2008-0064
http://www.vupen.com/english/advisories/2008/0064
ADV-2008-0859
http://www.vupen.com/english/advisories/2008/0859/references
ADV-2008-1712
http://www.vupen.com/english/advisories/2008/1712/references
ADV-2008-1908
http://www.vupen.com/english/advisories/2008/1908
APPLE-SA-2007-12-17
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
DSA-1409
http://www.debian.org/security/2007/dsa-1409
FEDORA-2007-3402
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html
GLSA-200711-29
http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
HPSBUX02316
http://marc.info/?l=bugtraq&m=120524782005154&w=2
HPSBUX02341
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
MDKSA-2007:224
http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
RHSA-2007:1013
http://www.redhat.com/support/errata/RHSA-2007-1013.html
RHSA-2007:1016
http://www.redhat.com/support/errata/RHSA-2007-1016.html
RHSA-2007:1017
http://www.redhat.com/support/errata/RHSA-2007-1017.html
SSA:2007-320-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
SSRT071495
SSRT080075
SUSE-SA:2007:065
http://www.novell.com/linux/security/advisories/2007_65_samba.html
TA07-352A
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
USN-544-1
https://usn.ubuntu.com/544-1/
USN-544-2
http://www.ubuntu.com/usn/usn-544-2
USN-617-1
http://www.ubuntu.com/usn/usn-617-1
[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
http://docs.info.apple.com/article.html?artnum=307179
http://us1.samba.org/samba/security/CVE-2007-4572.html
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
https://issues.rpath.com/browse/RPL-1894
oval:org.mitre.oval:def:11132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
oval:org.mitre.oval:def:5643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
samba-nmbd-bo(38501)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
Common Vulnerability Exposure (CVE) ID: CVE-2007-5398
BugTraq ID: 26455
http://www.securityfocus.com/bid/26455
Bugtraq: 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability (Google Search)
http://www.securityfocus.com/archive/1/483744/100/0/threaded
Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
Cert/CC Advisory: TA07-352A
Debian Security Information: DSA-1409 (Google Search)
HPdes Security Advisory: HPSBUX02316
HPdes Security Advisory: HPSBUX02341
HPdes Security Advisory: SSRT071495
HPdes Security Advisory: SSRT080075
http://secunia.com/secunia_research/2007-90/advisory/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811
http://securitytracker.com/id?1018953
http://secunia.com/advisories/27742
http://securityreason.com/securityalert/3372
SuSE Security Announcement: SUSE-SA:2007:065 (Google Search)
XForce ISS Database: samba-replynetbiospacket-bo(38502)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38502
CopyrightCopyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.