Test ID:	1.3.6.1.4.1.25623.1.0.58871
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2007:0061
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2007:0061. Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service flaw was found in Samba's smbd daemon process. An authenticated user could send a specially crafted request which would cause a smbd child process to enter an infinite loop condition. By opening multiple CIFS sessions, an attacker could exhaust system resources (CVE-2007-0452). Users of Samba should update to these packages, which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0061.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0452 1017587 http://securitytracker.com/id?1017587 200588 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1 2007-0007 http://www.trustix.org/errata/2007/0007 20070201-01-P ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc 20070205 [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d http://www.securityfocus.com/archive/1/459167/100/0/threaded 20070207 rPSA-2007-0026-1 samba samba-swat http://www.securityfocus.com/archive/1/459365/100/0/threaded 2219 http://securityreason.com/securityalert/2219 22395 http://www.securityfocus.com/bid/22395 24021 http://secunia.com/advisories/24021 24030 http://secunia.com/advisories/24030 24046 http://secunia.com/advisories/24046 24060 http://secunia.com/advisories/24060 24067 http://secunia.com/advisories/24067 24076 http://secunia.com/advisories/24076 24101 http://secunia.com/advisories/24101 24140 http://secunia.com/advisories/24140 24145 http://secunia.com/advisories/24145 24151 http://secunia.com/advisories/24151 24188 http://secunia.com/advisories/24188 24284 http://secunia.com/advisories/24284 24792 http://secunia.com/advisories/24792 33100 http://osvdb.org/33100 ADV-2007-0483 http://www.vupen.com/english/advisories/2007/0483 ADV-2007-1278 http://www.vupen.com/english/advisories/2007/1278 DSA-1257 http://www.debian.org/security/2007/dsa-1257 FEDORA-2007-219 http://fedoranews.org/cms/node/2579 FEDORA-2007-220 http://fedoranews.org/cms/node/2580 GLSA-200702-01 http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml HPSBUX02204 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462 MDKSA-2007:034 http://www.mandriva.com/security/advisories?name=MDKSA-2007:034 RHSA-2007:0060 http://www.redhat.com/support/errata/RHSA-2007-0060.html RHSA-2007:0061 http://www.redhat.com/support/errata/RHSA-2007-0061.html SSA:2007-038-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916 SSRT071341 SUSE-SA:2007:016 http://lists.suse.com/archive/suse-security-announce/2007-Feb/0002.html USN-419-1 http://www.ubuntu.com/usn/usn-419-1 http://us1.samba.org/samba/security/CVE-2007-0452.html https://issues.rpath.com/browse/RPL-1005 oval:org.mitre.oval:def:9758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9758 samba-smbd-filerename-dos(32301) https://exchange.xforce.ibmcloud.com/vulnerabilities/32301
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.