ID de Prueba:	1.3.6.1.4.1.25623.1.0.52420
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: samba
Resumen:	The remote host is missing an update to the system;as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: samba ja-samba CVE-2004-0600 Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. CVE-2004-0686 Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the 'mangling method = hash' option is enabled in smb.conf, has unknown impact and attack vectors. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0600 Bugtraq: 20040722 SWAT PreAuthorization PoC (Google Search) http://marc.info/?l=bugtraq&m=109053195818351&w=2 Bugtraq: 20040722 Samba 3.x swat preauthentication buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=109052647928375&w=2 Bugtraq: 20040722 Security Release - Samba 3.0.5 and 2.2.10 (Google Search) http://marc.info/?l=bugtraq&m=109051340810458&w=2 Bugtraq: 20040722 TSSA-2004-014 - samba (Google Search) http://marc.info/?l=bugtraq&m=109052891507263&w=2 Bugtraq: 20040722 [OpenPKG-SA-2004.033] OpenPKG Security Advisory (samba) (Google Search) http://marc.info/?l=bugtraq&m=109051533021376&w=2 Conectiva Linux advisory: CLA-2004:851 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 Conectiva Linux advisory: CLA-2004:854 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000854 http://www.gentoo.org/security/en/glsa/glsa-200407-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11445 http://www.redhat.com/support/errata/RHSA-2004-259.html SuSE Security Announcement: SUSE-SA:2004:022 (Google Search) http://www.novell.com/linux/security/advisories/2004_22_samba.html http://www.trustix.org/errata/2004/0039/ XForce ISS Database: samba-swat-base64-bo(16785) https://exchange.xforce.ibmcloud.com/vulnerabilities/16785 Common Vulnerability Exposure (CVE) ID: CVE-2004-0686 http://marc.info/?l=bugtraq&m=109785827607823&w=2 HPdes Security Advisory: SSRT4782 http://marc.info/?l=bugtraq&m=109094272328981&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10461 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101584-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57664-1 XForce ISS Database: samba-mangling-method-bo(16786) https://exchange.xforce.ibmcloud.com/vulnerabilities/16786
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.