ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0145
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0145)
Resumen:	The remote host is missing an update for the 'samba' package(s) announced via the MGASA-2017-0145 advisory.
Descripción:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the MGASA-2017-0145 advisory. Vulnerability Insight: A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process (CVE-2016-2126). Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories (CVE-2017-2619). A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root (CVE-2017-7494). Affected Software/OS: 'samba' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2126 BugTraq ID: 94994 http://www.securityfocus.com/bid/94994 RedHat Security Advisories: RHSA-2017:0494 http://rhn.redhat.com/errata/RHSA-2017-0494.html RedHat Security Advisories: RHSA-2017:0495 http://rhn.redhat.com/errata/RHSA-2017-0495.html RedHat Security Advisories: RHSA-2017:0662 http://rhn.redhat.com/errata/RHSA-2017-0662.html RedHat Security Advisories: RHSA-2017:0744 http://rhn.redhat.com/errata/RHSA-2017-0744.html RedHat Security Advisories: RHSA-2017:1265 https://access.redhat.com/errata/RHSA-2017:1265 http://www.securitytracker.com/id/1037495 Common Vulnerability Exposure (CVE) ID: CVE-2017-2619 BugTraq ID: 97033 http://www.securityfocus.com/bid/97033 Debian Security Information: DSA-3816 (Google Search) https://www.debian.org/security/2017/dsa-3816 https://www.exploit-db.com/exploits/41740/ RedHat Security Advisories: RHSA-2017:2338 https://access.redhat.com/errata/RHSA-2017:2338 RedHat Security Advisories: RHSA-2017:2778 https://access.redhat.com/errata/RHSA-2017:2778 RedHat Security Advisories: RHSA-2017:2789 https://access.redhat.com/errata/RHSA-2017:2789 http://www.securitytracker.com/id/1038117 Common Vulnerability Exposure (CVE) ID: CVE-2017-7494 1038552 http://www.securitytracker.com/id/1038552 42060 https://www.exploit-db.com/exploits/42060/ 42084 https://www.exploit-db.com/exploits/42084/ 98636 http://www.securityfocus.com/bid/98636 DSA-3860 http://www.debian.org/security/2017/dsa-3860 GLSA-201805-07 https://security.gentoo.org/glsa/201805-07 RHSA-2017:1270 https://access.redhat.com/errata/RHSA-2017:1270 RHSA-2017:1271 https://access.redhat.com/errata/RHSA-2017:1271 RHSA-2017:1272 https://access.redhat.com/errata/RHSA-2017:1272 RHSA-2017:1273 https://access.redhat.com/errata/RHSA-2017:1273 RHSA-2017:1390 https://access.redhat.com/errata/RHSA-2017:1390 https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-095-01+Security+Notification+Umotion+V1.1.pdf&p_Doc_Ref=SEVD-2018-095-01 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us https://security.netapp.com/advisory/ntap-20170524-0001/ https://www.samba.org/samba/security/CVE-2017-7494.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.