 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.70032 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandriva Security Advisory MDVSA-2011:121 (samba) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to samba announced via advisory MDVSA-2011:121. Multiple vulnerabilities has been discovered and corrected in samba: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT (CVE-2011-2522). All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field (CVE-2011-2694). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:121 http://www.samba.org/samba/security/CVE-2011-2522 http://www.samba.org/samba/security/CVE-2011-2694 Risk factor : High CVSS Score: 6.8 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2522 BugTraq ID: 48899 http://www.securityfocus.com/bid/48899 Debian Security Information: DSA-2290 (Google Search) http://www.debian.org/security/2011/dsa-2290 http://www.exploit-db.com/exploits/17577 HPdes Security Advisory: HPSBNS02701 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543 HPdes Security Advisory: HPSBUX02768 http://marc.info/?l=bugtraq&m=133527864025056&w=2 HPdes Security Advisory: SSRT100598 HPdes Security Advisory: SSRT100664 http://jvn.jp/en/jp/JVN29529126/index.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:121 http://osvdb.org/74071 http://securitytracker.com/id?1025852 http://secunia.com/advisories/45393 http://secunia.com/advisories/45488 http://secunia.com/advisories/45496 http://securityreason.com/securityalert/8317 http://ubuntu.com/usn/usn-1182-1 XForce ISS Database: samba-swat-csrf(68843) https://exchange.xforce.ibmcloud.com/vulnerabilities/68843 Common Vulnerability Exposure (CVE) ID: CVE-2011-2694 BugTraq ID: 48901 http://www.securityfocus.com/bid/48901 http://jvn.jp/en/jp/JVN63041502/index.html http://osvdb.org/74072 XForce ISS Database: samba-user-xss(68844) https://exchange.xforce.ibmcloud.com/vulnerabilities/68844 |
| Copyright | Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |