English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.57999
Categoría:Mandrake Local Security Checks
Título:Mandrake Security Advisory MDKSA-2007:034 (samba)
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing an update to samba
announced via advisory MDKSA-2007:034.

A logic error in the deferred open code for smbd may allow an
authenticated user to exhaust resources such as memory and CPU on the
server by opening multiple CIFS sessions, each of which will normally
spawn a new smbd process, and sending each connection into an infinite
loop. (CVE-2007-0452)

The name of a file on the server's share is used as the format string
when setting an NT security descriptor through the afsacl.so VFS
plugin. (CVE-2007-0454)

Updated packages have been patched to address these issues.

Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:034

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-0452
1017587
http://securitytracker.com/id?1017587
200588
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
2007-0007
http://www.trustix.org/errata/2007/0007
20070201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
20070205 [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d
http://www.securityfocus.com/archive/1/459167/100/0/threaded
20070207 rPSA-2007-0026-1 samba samba-swat
http://www.securityfocus.com/archive/1/459365/100/0/threaded
2219
http://securityreason.com/securityalert/2219
22395
http://www.securityfocus.com/bid/22395
24021
http://secunia.com/advisories/24021
24030
http://secunia.com/advisories/24030
24046
http://secunia.com/advisories/24046
24060
http://secunia.com/advisories/24060
24067
http://secunia.com/advisories/24067
24076
http://secunia.com/advisories/24076
24101
http://secunia.com/advisories/24101
24140
http://secunia.com/advisories/24140
24145
http://secunia.com/advisories/24145
24151
http://secunia.com/advisories/24151
24188
http://secunia.com/advisories/24188
24284
http://secunia.com/advisories/24284
24792
http://secunia.com/advisories/24792
33100
http://osvdb.org/33100
ADV-2007-0483
http://www.vupen.com/english/advisories/2007/0483
ADV-2007-1278
http://www.vupen.com/english/advisories/2007/1278
DSA-1257
http://www.debian.org/security/2007/dsa-1257
FEDORA-2007-219
http://fedoranews.org/cms/node/2579
FEDORA-2007-220
http://fedoranews.org/cms/node/2580
GLSA-200702-01
http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml
HPSBUX02204
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462
MDKSA-2007:034
http://www.mandriva.com/security/advisories?name=MDKSA-2007:034
RHSA-2007:0060
http://www.redhat.com/support/errata/RHSA-2007-0060.html
RHSA-2007:0061
http://www.redhat.com/support/errata/RHSA-2007-0061.html
SSA:2007-038-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
SSRT071341
SUSE-SA:2007:016
http://lists.suse.com/archive/suse-security-announce/2007-Feb/0002.html
USN-419-1
http://www.ubuntu.com/usn/usn-419-1
http://us1.samba.org/samba/security/CVE-2007-0452.html
https://issues.rpath.com/browse/RPL-1005
oval:org.mitre.oval:def:9758
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9758
samba-smbd-filerename-dos(32301)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32301
Common Vulnerability Exposure (CVE) ID: CVE-2007-0454
1017588
http://securitytracker.com/id?1017588
20070205 [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin
http://www.securityfocus.com/archive/1/459179/100/0/threaded
22403
http://www.securityfocus.com/bid/22403
33101
http://osvdb.org/33101
OpenPKG-SA-2007.012
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
VU#649732
http://www.kb.cert.org/vuls/id/649732
http://us1.samba.org/samba/security/CVE-2007-0454.html
samba-afsacl-format-string(32304)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32304
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.