Test ID:	1.3.6.1.4.1.25623.1.1.10.2014.0279
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2014-0279)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the MGASA-2014-0279 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the MGASA-2014-0279 advisory. Vulnerability Insight: Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service (CVE-2014-0244). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server (CVE-2014-3493). Affected Software/OS: 'samba' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0178 BugTraq ID: 67686 http://www.securityfocus.com/bid/67686 Bugtraq: 20140711 [ MDVSA-2014:136 ] samba (Google Search) http://www.securityfocus.com/archive/1/532757/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html http://security.gentoo.org/glsa/glsa-201502-15.xml http://www.mandriva.com/security/advisories?name=MDVSA-2014:136 http://www.mandriva.com/security/advisories?name=MDVSA-2015:082 http://www.securitytracker.com/id/1030308 http://secunia.com/advisories/59378 http://secunia.com/advisories/59407 http://secunia.com/advisories/59579 Common Vulnerability Exposure (CVE) ID: CVE-2014-0244 1030455 http://www.securitytracker.com/id/1030455 20140711 [ MDVSA-2014:136 ] samba 59378 59407 59433 http://secunia.com/advisories/59433 59579 59834 http://secunia.com/advisories/59834 59848 http://secunia.com/advisories/59848 59919 http://secunia.com/advisories/59919 61218 http://secunia.com/advisories/61218 68148 http://www.securityfocus.com/bid/68148 FEDORA-2014-7672 FEDORA-2014-9132 GLSA-201502-15 MDVSA-2014:136 MDVSA-2015:082 RHSA-2014:0866 http://rhn.redhat.com/errata/RHSA-2014-0866.html http://advisories.mageia.org/MGASA-2014-0279.html http://linux.oracle.com/errata/ELSA-2014-0866.html http://www.samba.org/samba/security/CVE-2014-0244 https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1 https://bugzilla.redhat.com/show_bug.cgi?id=1097815 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993 Common Vulnerability Exposure (CVE) ID: CVE-2014-3493 68150 http://www.securityfocus.com/bid/68150 http://www.samba.org/samba/security/CVE-2014-3493 https://bugzilla.redhat.com/show_bug.cgi?id=1108748
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.