 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.54215 |
| Category: | Trustix Local Security Checks |
| Title: | Trustix Security Advisory TSLSA-2001-0011 (Samba) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory TSLSA-2001-0011. From the Samba Advisory: A serious security hole has been discovered in all versions of Samba that allows an attacker to gain root access on the target machine for certain types of common Samba configuration. A remote attacker can use a netbios name containing unix path characters which will then be substituted into the %m macro wherever it occurs in smb.conf. This can be used to cause Samba to create a log file on top of an important system file, which in turn can be used to compromise security on the server. Note that default configuration on TSL configuration prevents this from being exploited, but we feel that you should update none the less. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2001-0011 Risk factor : High |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |