Test Kennung:	1.3.6.1.4.1.25623.1.0.64603
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2009:196 (samba)
Zusammenfassung:	The remote host is missing an update to samba;announced via advisory MDVSA-2009:196.
Beschreibung:	Summary: The remote host is missing an update to samba announced via advisory MDVSA-2009:196. Vulnerability Insight: Multiple vulnerabilities has been found and corrected in samba: Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename (CVE-2009-1886). The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory (CVE-2009-1888). This update provides samba 3.2.13 to address these issues. Affected: 2009.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1886 1022441 http://www.securitytracker.com/id?1022441 35472 http://www.securityfocus.com/bid/35472 35539 http://secunia.com/advisories/35539 35573 http://secunia.com/advisories/35573 35606 http://secunia.com/advisories/35606 36918 http://secunia.com/advisories/36918 ADV-2009-1664 http://www.vupen.com/english/advisories/2009/1664 DSA-1823 http://www.debian.org/security/2009/dsa-1823 MDVSA-2009:196 http://www.mandriva.com/security/advisories?name=MDVSA-2009:196 SSA:2009-177-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591 USN-839-1 http://www.ubuntu.com/usn/USN-839-1 http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1886.patch http://www.samba.org/samba/security/CVE-2009-1886.html https://bugzilla.samba.org/show_bug.cgi?id=6478 samba-smbclient-format-string(51328) https://exchange.xforce.ibmcloud.com/vulnerabilities/51328 Common Vulnerability Exposure (CVE) ID: CVE-2009-1888 1022442 http://www.securitytracker.com/id?1022442 20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat http://www.securityfocus.com/archive/1/507856/100/0/threaded http://wiki.rpath.com/Advisories:rPSA-2009-0145 http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch http://www.samba.org/samba/security/CVE-2009-1888.html oval:org.mitre.oval:def:10790 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790 oval:org.mitre.oval:def:7292 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292 samba-acl-security-bypass(51327) https://exchange.xforce.ibmcloud.com/vulnerabilities/51327
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.