ID de Prueba:	1.3.6.1.4.1.25623.1.0.61114
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200805-23 (samba)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200805-23.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200805-23. Vulnerability Insight: A heap-based buffer overflow vulnerability was found in Samba, allowing for the execution of arbitrary code. Solution: All Samba users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/samba-3.0.28a-r1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1105 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html BugTraq ID: 29404 http://www.securityfocus.com/bid/29404 BugTraq ID: 31255 http://www.securityfocus.com/bid/31255 Bugtraq: 20080528 [SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses (Google Search) http://www.securityfocus.com/archive/1/492683/100/0/threaded Bugtraq: 20080529 Secunia Research: Samba "receive_smb_raw()" Buffer OverflowVulnerability (Google Search) http://www.securityfocus.com/archive/1/492737/100/0/threaded Bugtraq: 20080602 rPSA-2008-0180-1 samba samba-client samba-server samba-swat (Google Search) http://www.securityfocus.com/archive/1/492903/100/0/threaded Debian Security Information: DSA-1590 (Google Search) http://www.debian.org/security/2008/dsa-1590 https://www.exploit-db.com/exploits/5712 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01006.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01030.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01082.html http://security.gentoo.org/glsa/glsa-200805-23.xml HPdes Security Advisory: HPSBUX02341 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 HPdes Security Advisory: SSRT080075 http://www.mandriva.com/security/advisories?name=MDVSA-2008:108 http://secunia.com/secunia_research/2008-20/advisory/ http://lists.vmware.com/pipermail/security-announce/2008/000023.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5733 http://www.redhat.com/support/errata/RHSA-2008-0288.html http://www.redhat.com/support/errata/RHSA-2008-0289.html http://www.redhat.com/support/errata/RHSA-2008-0290.html http://securitytracker.com/id?1020123 http://secunia.com/advisories/30228 http://secunia.com/advisories/30385 http://secunia.com/advisories/30396 http://secunia.com/advisories/30442 http://secunia.com/advisories/30449 http://secunia.com/advisories/30478 http://secunia.com/advisories/30489 http://secunia.com/advisories/30543 http://secunia.com/advisories/30736 http://secunia.com/advisories/30802 http://secunia.com/advisories/30835 http://secunia.com/advisories/31246 http://secunia.com/advisories/31911 http://secunia.com/advisories/33696 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473951 http://sunsolve.sun.com/search/document.do?assetkey=1-26-249086-1 SuSE Security Announcement: SUSE-SA:2008:026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html http://www.ubuntu.com/usn/usn-617-1 http://www.ubuntu.com/usn/usn-617-2 http://www.vupen.com/english/advisories/2008/1681 http://www.vupen.com/english/advisories/2008/1908 http://www.vupen.com/english/advisories/2008/1981/references http://www.vupen.com/english/advisories/2008/2222/references http://www.vupen.com/english/advisories/2008/2639 XForce ISS Database: samba-receivesmbraw-bo(42664) https://exchange.xforce.ibmcloud.com/vulnerabilities/42664 XForce ISS Database: xerox-controller-samba-code-execution(45251) https://exchange.xforce.ibmcloud.com/vulnerabilities/45251
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.