Test ID: 1.3.6.1.4.1.25623.1.0.59981
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2007:1117
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2007:1117.

Samba is a suite of programs used by machines to share files, printers, and
other information.

A stack buffer overflow flaw was found in the way Samba authenticates
remote users. A remote unauthenticated user could trigger this flaw to
cause the Samba server to crash, or execute arbitrary code with the
permissions of the Samba server. (CVE-2007-6015)

Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.

Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-1117.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score: 9.3

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2007-6015
http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
BugTraq ID: 26791
http://www.securityfocus.com/bid/26791
Bugtraq: 20071210 Secunia Research: Samba "send_mailslot()" Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/484818/100/0/threaded
Bugtraq: 20071210 [SECURITY] Buffer overrun in send_mailslot() (Google Search)
http://www.securityfocus.com/archive/1/484825/100/0/threaded
Bugtraq: 20071210 rPSA-2007-0261-1 samba samba-swat (Google Search)
http://www.securityfocus.com/archive/1/484827/100/0/threaded
Bugtraq: 20071214 POC for samba send_mailslot() (Google Search)
http://www.securityfocus.com/archive/1/485144/100/0/threaded
Bugtraq: 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates (Google Search)
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Cert/CC Advisory: TA08-043B
http://www.us-cert.gov/cas/techalerts/TA08-043B.html
CERT/CC vulnerability note: VU#438395
http://www.kb.cert.org/vuls/id/438395
Debian Security Information: DSA-1427 (Google Search)
http://www.debian.org/security/2007/dsa-1427
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.html
http://security.gentoo.org/glsa/glsa-200712-10.xml
HPdes Security Advisory: HPSBUX02316
http://marc.info/?l=bugtraq&m=120524782005154&w=2
HPdes Security Advisory: HPSBUX02341
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
HPdes Security Advisory: SSRT071495
HPdes Security Advisory: SSRT080075
http://www.mandriva.com/security/advisories?name=MDKSA-2007:244
http://secunia.com/secunia_research/2007-99/advisory/
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11572
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5605
http://www.redhat.com/support/errata/RHSA-2007-1114.html
http://www.redhat.com/support/errata/RHSA-2007-1117.html
http://www.securitytracker.com/id?1019065
http://secunia.com/advisories/27760
http://secunia.com/advisories/27894
http://secunia.com/advisories/27977
http://secunia.com/advisories/27993
http://secunia.com/advisories/27999
http://secunia.com/advisories/28003
http://secunia.com/advisories/28028
http://secunia.com/advisories/28029
http://secunia.com/advisories/28037
http://secunia.com/advisories/28067
http://secunia.com/advisories/28089
http://secunia.com/advisories/28891
http://secunia.com/advisories/29032
http://secunia.com/advisories/29341
http://secunia.com/advisories/30484
http://secunia.com/advisories/30835
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.451554
http://securityreason.com/securityalert/3438
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1
SuSE Security Announcement: SUSE-SA:2007:068 (Google Search)
http://www.novell.com/linux/security/advisories/2007_68_samba.html
http://www.ubuntu.com/usn/usn-556-1
http://www.vupen.com/english/advisories/2007/4153
http://www.vupen.com/english/advisories/2008/0495/references
http://www.vupen.com/english/advisories/2008/0637
http://www.vupen.com/english/advisories/2008/0859/references
http://www.vupen.com/english/advisories/2008/1712/references
http://www.vupen.com/english/advisories/2008/1908
XForce ISS Database: samba-sendmailslot-bo(38965)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38965
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
