ID de Prueba:	1.3.6.1.4.1.25623.1.0.65009
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2009-276-01)
Resumen:	The remote host is missing an update for the 'samba' package(s) announced via the SSA:2009-276-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the SSA:2009-276-01 advisory. Vulnerability Insight: New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 13.0 ChangeLog: +--------------------------+ patches/packages/samba-3.2.15-i486-1_slack13.0.txz: This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. (On Slackware, it was not installed setuid) Specially crafted SMB requests could cause a denial of service. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'samba' package(s) on Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2813 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html BugTraq ID: 36363 http://www.securityfocus.com/bid/36363 Bugtraq: 20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat (Google Search) http://www.securityfocus.com/archive/1/507856/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html HPdes Security Advisory: HPSBUX02479 http://marc.info/?l=bugtraq&m=126514298313071&w=2 HPdes Security Advisory: SSRT090212 http://osvdb.org/57955 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7211 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7257 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7791 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9191 http://secunia.com/advisories/36701 http://secunia.com/advisories/36893 http://secunia.com/advisories/36918 http://secunia.com/advisories/36937 http://secunia.com/advisories/36953 http://secunia.com/advisories/37428 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1 SuSE Security Announcement: SUSE-SR:2009:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://www.ubuntu.com/usn/USN-839-1 http://www.vupen.com/english/advisories/2009/2810 XForce ISS Database: macosx-smb-security-bypass(53174) https://exchange.xforce.ibmcloud.com/vulnerabilities/53174 Common Vulnerability Exposure (CVE) ID: CVE-2009-2906 1021111 1022976 http://www.securitytracker.com/id?1022976 20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat 36573 http://www.securityfocus.com/bid/36573 36893 36918 36937 36953 37428 58519 http://osvdb.org/58519 ADV-2009-2810 APPLE-SA-2010-03-29-1 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html FEDORA-2009-10172 FEDORA-2009-10180 SSA:2009-276-01 SUSE-SR:2009:017 USN-839-1 http://news.samba.org/releases/3.0.37/ http://news.samba.org/releases/3.2.15/ http://news.samba.org/releases/3.3.8/ http://news.samba.org/releases/3.4.2/ http://samba.org/samba/security/CVE-2009-2906.html http://support.apple.com/kb/HT4077 http://wiki.rpath.com/Advisories:rPSA-2009-0145 oval:org.mitre.oval:def:7090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090 oval:org.mitre.oval:def:9944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944 samba-smb-dos(53575) https://exchange.xforce.ibmcloud.com/vulnerabilities/53575 Common Vulnerability Exposure (CVE) ID: CVE-2009-2948 BugTraq ID: 36572 http://www.securityfocus.com/bid/36572 http://osvdb.org/58520 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10434 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7087 http://www.securitytracker.com/id?1022975 XForce ISS Database: samba-mountcifs-info-disclosure(53574) https://exchange.xforce.ibmcloud.com/vulnerabilities/53574
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.