ID de Prueba:	1.3.6.1.4.1.25623.1.0.15705
Categoría:	Denial of Service
Título:	Samba Multiple Remote Vulnerabilities
Resumen:	NOSUMMARY
Descripción:	Description: The remote Samba server, according to its version number, may be vulnerable to a remote Denial Of Service vulnerability and a remote buffer overflow. The Wild Card DoS vulnerability may allow an attacker to make the remote server consume excessive CPU cycles. The QFILEPATHINFO Remote buffer overflow vulnerability may allow an attacker to execute code on the server. An attacker needs a valid account or enough credentials to exploit those flaws. Solution : upgrade to Samba 3.0.8 See also : http://us4.samba.org/samba/security/CVE-2004-0882.html See also : http://us4.samba.org/samba/security/CVE-2004-0930.html Risk factor : High
Referencia Cruzada:	BugTraq ID: 11624 BugTraq ID: 11678 Common Vulnerability Exposure (CVE) ID: CVE-2004-0930 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://www.securityfocus.com/bid/11624 Bugtraq: 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=109993720717957&w=2 Conectiva Linux advisory: CLA-2004:899 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899 http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false http://www.mandriva.com/security/advisories?name=MDKSA-2004:131 http://marc.info/?l=bugtraq&m=110330519803655&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936 SCO Security Bulletin: SCOSA-2005.17 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt SGI Security Advisory: 20041201-01-P ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1 SuSE Security Announcement: SUSE-SA:2004:040 (Google Search) http://www.novell.com/linux/security/advisories/2004_40_samba.html https://www.ubuntu.com/usn/usn-22-1/ XForce ISS Database: samba-msfnmatch-dos(17987) https://exchange.xforce.ibmcloud.com/vulnerabilities/17987 Common Vulnerability Exposure (CVE) ID: CVE-2004-0882 Bugtraq: 20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=110054671403755&w=2 Bugtraq: 20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd (Google Search) http://marc.info/?l=bugtraq&m=110055646329581&w=2 Bugtraq: 20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) (Google Search) CERT/CC vulnerability note: VU#457622 http://www.kb.cert.org/vuls/id/457622 Computer Incident Advisory Center Bulletin: P-038 http://www.ciac.org/ciac/bulletins/p-038.shtml http://security.e-matters.de/advisories/132004.html http://www.osvdb.org/11782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969 http://securitytracker.com/id?1012235 http://secunia.com/advisories/13189 http://www.trustix.net/errata/2004/0058/ XForce ISS Database: samba-qfilepathinfo-bo(18070) https://exchange.xforce.ibmcloud.com/vulnerabilities/18070
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.