English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.59634
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDKSA-2007:224-2 (samba)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to samba
announced via advisory MDKSA-2007:224-2.

The samba developers discovered that nmbd could be made to overrun a
buffer during the processing of GETDC logon server requests. If samba
is configured as a Primary or Backup Domain Controller, this could
be used by a remote attacker to send malicious logon requests and
possibly cause a denial of service (CVE-2007-4572).

As well, Alin Rad Pop of Secunia Research found that nmbd did not
properly check the length of netbios packets. If samba is configured
as a WINS server, this could be used by a remote attacker able to
send multiple crafted requests to nmbd, resulting in the execution
of arbitrary code with root privileges (CVE-2007-5398).

Update:

The update packages on Corporate Server 4.0 resulted in the nmbd daemon
crashing at startup. This update provides a newer version of samba
(3.0.23d) that does not exhibit this behaviour.

Affected: Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:224-2

Risk factor : Critical

CVSS Score:
9.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-4572
1018954
http://securitytracker.com/id?1018954
20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://www.securityfocus.com/archive/1/485936/100/0/threaded
20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://www.securityfocus.com/archive/1/486859/100/0/threaded
237764
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
26454
http://www.securityfocus.com/bid/26454
27450
http://secunia.com/advisories/27450
27679
http://secunia.com/advisories/27679
27682
http://secunia.com/advisories/27682
27691
http://secunia.com/advisories/27691
27701
http://secunia.com/advisories/27701
27720
http://secunia.com/advisories/27720
27731
http://secunia.com/advisories/27731
27787
http://secunia.com/advisories/27787
27927
http://secunia.com/advisories/27927
28136
http://secunia.com/advisories/28136
28368
http://secunia.com/advisories/28368
29341
http://secunia.com/advisories/29341
30484
http://secunia.com/advisories/30484
30736
http://secunia.com/advisories/30736
30835
http://secunia.com/advisories/30835
ADV-2007-3869
http://www.vupen.com/english/advisories/2007/3869
ADV-2007-4238
http://www.vupen.com/english/advisories/2007/4238
ADV-2008-0064
http://www.vupen.com/english/advisories/2008/0064
ADV-2008-0859
http://www.vupen.com/english/advisories/2008/0859/references
ADV-2008-1712
http://www.vupen.com/english/advisories/2008/1712/references
ADV-2008-1908
http://www.vupen.com/english/advisories/2008/1908
APPLE-SA-2007-12-17
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
DSA-1409
http://www.debian.org/security/2007/dsa-1409
FEDORA-2007-3402
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html
GLSA-200711-29
http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
HPSBUX02316
http://marc.info/?l=bugtraq&m=120524782005154&w=2
HPSBUX02341
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
MDKSA-2007:224
http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
RHSA-2007:1013
http://www.redhat.com/support/errata/RHSA-2007-1013.html
RHSA-2007:1016
http://www.redhat.com/support/errata/RHSA-2007-1016.html
RHSA-2007:1017
http://www.redhat.com/support/errata/RHSA-2007-1017.html
SSA:2007-320-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
SSRT071495
SSRT080075
SUSE-SA:2007:065
http://www.novell.com/linux/security/advisories/2007_65_samba.html
TA07-352A
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
USN-544-1
https://usn.ubuntu.com/544-1/
USN-544-2
http://www.ubuntu.com/usn/usn-544-2
USN-617-1
http://www.ubuntu.com/usn/usn-617-1
[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
http://docs.info.apple.com/article.html?artnum=307179
http://us1.samba.org/samba/security/CVE-2007-4572.html
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
https://issues.rpath.com/browse/RPL-1894
oval:org.mitre.oval:def:11132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
oval:org.mitre.oval:def:5643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
samba-nmbd-bo(38501)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
Common Vulnerability Exposure (CVE) ID: CVE-2007-5398
BugTraq ID: 26455
http://www.securityfocus.com/bid/26455
Bugtraq: 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability (Google Search)
http://www.securityfocus.com/archive/1/483744/100/0/threaded
Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
Cert/CC Advisory: TA07-352A
Debian Security Information: DSA-1409 (Google Search)
HPdes Security Advisory: HPSBUX02316
HPdes Security Advisory: HPSBUX02341
HPdes Security Advisory: SSRT071495
HPdes Security Advisory: SSRT080075
http://secunia.com/secunia_research/2007-90/advisory/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811
http://securitytracker.com/id?1018953
http://secunia.com/advisories/27742
http://securityreason.com/securityalert/3372
SuSE Security Announcement: SUSE-SA:2007:065 (Google Search)
XForce ISS Database: samba-replynetbiospacket-bo(38502)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38502
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.