ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0289
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0289)
Resumen:	The remote host is missing an update for the 'ldb, samba' package(s) announced via the MGASA-2020-0289 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ldb, samba' package(s) announced via the MGASA-2020-0289 advisory. Vulnerability Insight: Updated samba packages fix security vulnerabilities: Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-10730). Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service (CVE-2020-10745). Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-10760). The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives a empty (zero-length) UDP packet to port 137 (CVE-2020-14303). Affected Software/OS: 'ldb, samba' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10730 Debian Security Information: DSA-4884 (Google Search) https://www.debian.org/security/2021/dsa-4884 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YLNQ5GRXUKYRUAOFZ4DUBVN4SMTL6Q2/ https://security.gentoo.org/glsa/202007-15 https://bugzilla.redhat.com/show_bug.cgi?id=1849489; https://www.samba.org/samba/security/CVE-2020-10730.html https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html SuSE Security Announcement: openSUSE-SU-2020:0984 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00030.html SuSE Security Announcement: openSUSE-SU-2020:1023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html SuSE Security Announcement: openSUSE-SU-2020:1121 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00000.html SuSE Security Announcement: openSUSE-SU-2020:1313 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2020-10745 https://bugzilla.redhat.com/show_bug.cgi?id=1849491; https://www.samba.org/samba/security/CVE-2020-10745.html Common Vulnerability Exposure (CVE) ID: CVE-2020-10760 https://bugzilla.redhat.com/show_bug.cgi?id=1849509; https://www.samba.org/samba/security/CVE-2020-10760.html https://usn.ubuntu.com/4409-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-14303 https://bugzilla.redhat.com/show_bug.cgi?id=1851298; https://www.samba.org/samba/security/CVE-2020-14303.html https://usn.ubuntu.com/4454-1/ https://usn.ubuntu.com/4454-2/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.