Test ID:	1.3.6.1.4.1.25623.1.0.54042
Category:	SuSE Local Security Checks
Title:	SuSE Security Advisory SUSE-SA:2004:040 (samba)
Summary:	SuSE Security Advisory SUSE-SA:2004:040 (samba)
Description:	The remote host is missing updates announced in advisory SUSE-SA:2004:040. There is a problem in the Samba file sharing service daemon, which allows a remote user to have the service consume lots of computing power and potentially crash the service by querying special wildcarded filenames. This attack can be successful if the Samba daemon is running and a remote user has access to a share (even read only). The Samba team has issued the new Samba version 3.0.8 to fix this problem, this update backports the relevant patch. This issue has been assigned the Mitre CVE ID CVE-2004-0930. Stefan Esser found a problem in the Unicode string handling in the Samba file handling which could lead to a remote heap buffer overflow and might allow remote attackers to inject code in the smbd process. This issue has been assigned the Mitre CVE ID CVE-2004-0882. The Samba version 2 packages are not affected by this problem. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2004:040 Risk factor : Critical
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0930 http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false Bugtraq: 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=109993720717957&w=2 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html Conectiva Linux advisory: CLA-2004:899 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899 http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:131 SCO Security Bulletin: SCOSA-2005.17 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt SGI Security Advisory: 20041201-01-P ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1 SuSE Security Announcement: SUSE-SA:2004:040 (Google Search) http://www.novell.com/linux/security/advisories/2004_40_samba.html http://marc.theaimsgroup.com/?l=bugtraq&m=110022719024619&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=110330519803655&w=2 BugTraq ID: 11624 http://www.securityfocus.com/bid/11624 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10936 XForce ISS Database: samba-msfnmatch-dos(17987) http://xforce.iss.net/xforce/xfdb/17987 Common Vulnerability Exposure (CVE) ID: CVE-2004-0882 Bugtraq: 20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=110054671403755&w=2 http://security.e-matters.de/advisories/132004.html Bugtraq: 20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=110055646329581&w=2 http://www.trustix.net/errata/2004/0058/ Bugtraq: 20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) (Google Search) CERT/CC vulnerability note: VU#457622 http://www.kb.cert.org/vuls/id/457622 Computer Incident Advisory Center Bulletin: P-038 http://www.ciac.org/ciac/bulletins/p-038.shtml http://www.osvdb.org/11782 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9969 http://securitytracker.com/id?1012235 http://secunia.com/advisories/13189 XForce ISS Database: samba-qfilepathinfo-bo(18070) http://xforce.iss.net/xforce/xfdb/18070 Common Vulnerability Exposure (CVE) ID: CVE-2004-1007 XForce ISS Database: bogofilter-dos(17916) http://xforce.iss.net/xforce/xfdb/17916 Common Vulnerability Exposure (CVE) ID: CVE-2004-0989 Bugtraq: 20041026 libxml2 remote buffer overflows (not in xml parsing code though) (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=109880813013482&w=2 http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html Conectiva Linux advisory: CLA-2004:890 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000890 Debian Security Information: DSA-582 (Google Search) http://www.debian.org/security/2004/dsa-582 http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml http://www.redhat.com/support/errata/RHSA-2004-615.html http://www.redhat.com/support/errata/RHSA-2004-650.html SuSE Security Announcement: SUSE-SR:2005:001 (Google Search) http://www.novell.com/linux/security/advisories/2005_01_sr.html http://marc.theaimsgroup.com/?l=bugtraq&m=110972110516151&w=2 Computer Incident Advisory Center Bulletin: P-029 http://www.ciac.org/ciac/bulletins/p-029.shtml BugTraq ID: 11526 http://www.securityfocus.com/bid/11526 http://www.osvdb.org/11179 http://www.osvdb.org/11180 http://www.osvdb.org/11324 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1173 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10505 http://securitytracker.com/id?1011941 http://secunia.com/advisories/13000 XForce ISS Database: libxml2-xmlnanoftpscanurl-bo(17870) http://xforce.iss.net/xforce/xfdb/17870 XForce ISS Database: libxml2-xmlnanoftpscanproxy-bo(17875) http://xforce.iss.net/xforce/xfdb/17875 XForce ISS Database: libxml2-nanoftp-file-bo(17872) http://xforce.iss.net/xforce/xfdb/17872 XForce ISS Database: libxml2-nanohttp-file-bo(17876) http://xforce.iss.net/xforce/xfdb/17876 Common Vulnerability Exposure (CVE) ID: CVE-2004-0888 Conectiva Linux advisory: CLA-2004:886 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 Debian Security Information: DSA-573 (Google Search) http://www.debian.org/security/2004/dsa-573 Debian Security Information: DSA-581 (Google Search) http://www.debian.org/security/2004/dsa-581 Debian Security Information: DSA-599 (Google Search) http://www.debian.org/security/2004/dsa-599 http://marc.theaimsgroup.com/?l=bugtraq&m=110815379627883&w=2 https://bugzilla.fedora.us/show_bug.cgi?id=2353 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 http://www.mandriva.com/security/advisories?name=MDKSA-2004:114 http://www.mandriva.com/security/advisories?name=MDKSA-2004:115 http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 http://www.redhat.com/support/errata/RHSA-2004-543.html http://www.redhat.com/support/errata/RHSA-2004-592.html http://www.redhat.com/support/errata/RHSA-2005-066.html http://www.redhat.com/support/errata/RHSA-2005-354.html SuSE Security Announcement: SUSE-SA:2004:039 (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=109880927526773&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=109900116408307&w=2 BugTraq ID: 11501 http://www.securityfocus.com/bid/11501 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9714 XForce ISS Database: xpdf-pdf-bo(17818) http://xforce.iss.net/xforce/xfdb/17818 Common Vulnerability Exposure (CVE) ID: CVE-2004-0889 XForce ISS Database: xpdf-pdf-file-bo(17819) http://xforce.iss.net/xforce/xfdb/17819 Common Vulnerability Exposure (CVE) ID: CVE-2004-0891 https://bugzilla.fedora.us/show_bug.cgi?id=2188 http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml http://www.redhat.com/support/errata/RHSA-2004-604.html http://marc.theaimsgroup.com/?l=bugtraq&m=109900412126643&w=2 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11790 XForce ISS Database: gaim-file-transfer-dos(17790) http://xforce.iss.net/xforce/xfdb/17790 XForce ISS Database: gaim-msn-slp-bo(17786) http://xforce.iss.net/xforce/xfdb/17786 XForce ISS Database: gaim-msn-slp-dos(17787) http://xforce.iss.net/xforce/xfdb/17787 Common Vulnerability Exposure (CVE) ID: CVE-2004-0940 Debian Security Information: DSA-594 (Google Search) http://www.debian.org/security/2004/dsa-594 http://www.mandriva.com/security/advisories?name=MDKSA-2004:134 http://www.redhat.com/support/errata/RHSA-2004-600.html http://marc.theaimsgroup.com/?l=bugtraq&m=109906660225051&w=2 http://www.redhat.com/support/errata/RHSA-2005-816.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 BugTraq ID: 11471 http://www.securityfocus.com/bid/11471 http://www.vupen.com/english/advisories/2006/0789 http://securitytracker.com/id?1011783 http://secunia.com/advisories/12898/ http://secunia.com/advisories/19073 XForce ISS Database: apache-modinclude-bo(17785) http://xforce.iss.net/xforce/xfdb/17785 Common Vulnerability Exposure (CVE) ID: CVE-2004-0492 http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html http://www.guninski.com/modproxy1.html Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=108711172710140&w=2 Debian Security Information: DSA-525 (Google Search) http://www.debian.org/security/2004/dsa-525 https://bugzilla.fedora.us/show_bug.cgi?id=1737 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 http://www.mandriva.com/security/advisories?name=MDKSA-2004:065 RedHat Security Advisories: RHSA-2004:245 http://rhn.redhat.com/errata/RHSA-2004-245.html SGI Security Advisory: 20040605-01-U ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 CERT/CC vulnerability note: VU#541310 http://www.kb.cert.org/vuls/id/541310 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4863 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100112 http://secunia.com/advisories/11841 XForce ISS Database: apache-modproxy-contentlength-bo(16387) http://xforce.iss.net/xforce/xfdb/16387 Common Vulnerability Exposure (CVE) ID: CVE-2004-0885 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html HPdes Security Advisory: HPSBUX01123 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123 http://www.redhat.com/support/errata/RHSA-2004-562.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://www.ubuntu.com/usn/usn-177-1 Bugtraq: 20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=109786159119069&w=2 BugTraq ID: 11360 http://www.securityfocus.com/bid/11360 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10384 http://secunia.com/advisories/19072 XForce ISS Database: apache-sslciphersuite-restriction-bypass(17671) http://xforce.iss.net/xforce/xfdb/17671
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: