ID de Prueba:	1.3.6.1.4.1.25623.1.0.50939
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2003:138
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2003:138. Samba is a suite of utilities which provides file and printer sharing services to SMB/CIFS clients. A security vulnerability has been found in versions of Samba up to and including 2.2.8. An anonymous user could exploit the vulnerability to gain root access on the target machine. Note that this is a different vulnerability than the one fixed by RHSA-2003:096. An exploit for this vulnerability is publicly available. All users of Samba are advised to update to the packages listed in this erratum, which contain a backported patch correcting this vulnerability. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-138.html http://www.digitaldefense.net/labs/advisories/DDI-1013.txt Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0196 Bugtraq: 20030407 Immunix Secured OS 7+ samba update (Google Search) http://marc.info/?l=bugtraq&m=104974612519064&w=2 Bugtraq: 20030407 [OpenPKG-SA-2003.028] OpenPKG Security Advisory (samba) (Google Search) http://marc.info/?l=bugtraq&m=104973186901597&w=2 Debian Security Information: DSA-280 (Google Search) http://www.debian.org/security/2003/dsa-280 http://www.mandriva.com/security/advisories?name=MDKSA-2003:044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A564 http://www.redhat.com/support/errata/RHSA-2003-137.html Common Vulnerability Exposure (CVE) ID: CVE-2003-0201 BugTraq ID: 7294 http://www.securityfocus.com/bid/7294 Bugtraq: 20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise (Google Search) http://marc.info/?l=bugtraq&m=104972664226781&w=2 Bugtraq: 20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08 (Google Search) http://marc.info/?l=bugtraq&m=104981682014565&w=2 Bugtraq: 20030409 GLSA: samba (200304-02) (Google Search) http://marc.info/?l=bugtraq&m=104994564212488&w=2 CERT/CC vulnerability note: VU#267873 http://www.kb.cert.org/vuls/id/267873 Conectiva Linux advisory: CLA-2003:624 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000624 http://www.digitaldefense.net/labs/advisories/DDI-1013.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2163 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A567 SGI Security Advisory: 20030403-01-P ftp://patches.sgi.com/support/free/security/advisories/20030403-01-P SuSE Security Announcement: SuSE-SA:2003:025 (Google Search) http://www.novell.com/linux/security/advisories/2003_025_samba.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.