ID de Prueba:	1.3.6.1.4.1.25623.1.0.51408
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2003:624
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2003:624. Samba provides SMB/CIFS services (such as file and printer sharing) used by clients compatible with Microsoft Windows(TM). The Digital Defense team found[1] a stack overflow vulnerability in the samba SMB protocol implementation. A remote attacker can exploit this vulnerability to gain root access to a system running a samba server. The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2003-0201 to this issue[2]. Please note this is not a re-edition of the previous samba security update[3]. This vulnerability was independently discovered some days later. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.digitaldefense.net/labs/advisories/DDI-1013.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000615&idioma=en http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:624 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	BugTraq ID: 7294 Common Vulnerability Exposure (CVE) ID: CVE-2003-0201 http://www.securityfocus.com/bid/7294 Bugtraq: 20030407 Immunix Secured OS 7+ samba update (Google Search) http://marc.info/?l=bugtraq&m=104974612519064&w=2 Bugtraq: 20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise (Google Search) http://marc.info/?l=bugtraq&m=104972664226781&w=2 Bugtraq: 20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08 (Google Search) http://marc.info/?l=bugtraq&m=104981682014565&w=2 Bugtraq: 20030409 GLSA: samba (200304-02) (Google Search) http://marc.info/?l=bugtraq&m=104994564212488&w=2 CERT/CC vulnerability note: VU#267873 http://www.kb.cert.org/vuls/id/267873 Conectiva Linux advisory: CLA-2003:624 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000624 Debian Security Information: DSA-280 (Google Search) http://www.debian.org/security/2003/dsa-280 http://www.mandriva.com/security/advisories?name=MDKSA-2003:044 http://www.digitaldefense.net/labs/advisories/DDI-1013.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2163 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A567 http://www.redhat.com/support/errata/RHSA-2003-137.html SGI Security Advisory: 20030403-01-P ftp://patches.sgi.com/support/free/security/advisories/20030403-01-P SuSE Security Announcement: SuSE-SA:2003:025 (Google Search) http://www.novell.com/linux/security/advisories/2003_025_samba.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.