Test ID:	1.3.6.1.4.1.25623.1.0.57110
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2006-195-01)
Summary:	The remote host is missing an update for the 'Samba' package(s) announced via the SSA:2006-195-01 advisory.
Description:	Summary: The remote host is missing an update for the 'Samba' package(s) announced via the SSA:2006-195-01 advisory. Vulnerability Insight: New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security related (but in my own and also the Samba's team member who made their WHATSNEW.txt entry, 'minor') denial of service issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/samba-3.0.23-i486-1_slack10.2.tgz: Upgraded to samba-3.0.23. This fixes a minor memory exhaustion DoS in smbd. The CVE entry for this issue may be found here: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'Samba' package(s) on Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3403 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html BugTraq ID: 18927 http://www.securityfocus.com/bid/18927 Bugtraq: 20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd (Google Search) http://www.securityfocus.com/archive/1/439875/100/0/threaded Bugtraq: 20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd (Google Search) http://www.securityfocus.com/archive/1/439757/100/0/threaded Bugtraq: 20060711 rPSA-2006-0128-1 samba samba-swat (Google Search) http://www.securityfocus.com/archive/1/439880/100/100/threaded Bugtraq: 20060720 Samba Internal Data Structures DOS Vulnerability Exploit (Google Search) http://www.securityfocus.com/archive/1/440767/100/0/threaded Bugtraq: 20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit (Google Search) http://www.securityfocus.com/archive/1/440836/100/0/threaded Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search) http://www.securityfocus.com/archive/1/451404/100/0/threaded Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search) http://www.securityfocus.com/archive/1/451417/100/200/threaded Bugtraq: 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (Google Search) http://www.securityfocus.com/archive/1/451426/100/200/threaded Cert/CC Advisory: TA06-333A http://www.us-cert.gov/cas/techalerts/TA06-333A.html CERT/CC vulnerability note: VU#313836 http://www.kb.cert.org/vuls/id/313836 Debian Security Information: DSA-1110 (Google Search) http://www.debian.org/security/2006/dsa-1110 http://security.gentoo.org/glsa/glsa-200607-10.xml HPdes Security Advisory: HPSBUX02155 http://www.securityfocus.com/archive/1/448957/100/0/threaded HPdes Security Advisory: SSRT061235 http://www.mandriva.com/security/advisories?name=MDKSA-2006:120 http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355 http://www.redhat.com/support/errata/RHSA-2006-0591.html http://securitytracker.com/id?1016459 http://secunia.com/advisories/20980 http://secunia.com/advisories/20983 http://secunia.com/advisories/21018 http://secunia.com/advisories/21019 http://secunia.com/advisories/21046 http://secunia.com/advisories/21086 http://secunia.com/advisories/21143 http://secunia.com/advisories/21159 http://secunia.com/advisories/21187 http://secunia.com/advisories/21190 http://secunia.com/advisories/21262 http://secunia.com/advisories/22875 http://secunia.com/advisories/23155 SGI Security Advisory: 20060703-01-P ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876 SuSE Security Announcement: SUSE-SR:2006:017 (Google Search) http://www.novell.com/linux/security/advisories/2006_17_sr.html http://www.ubuntu.com/usn/usn-314-1 http://www.vupen.com/english/advisories/2006/2745 http://www.vupen.com/english/advisories/2006/4502 http://www.vupen.com/english/advisories/2006/4750 XForce ISS Database: samba-smbd-connection-dos(27648) https://exchange.xforce.ibmcloud.com/vulnerabilities/27648
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.