Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.58995
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:1016
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2007:1016.

Samba is a suite of programs used by machines to share files, printers, and
other information.

A buffer overflow flaw was found in the way Samba creates NetBIOS replies.
If a Samba server is configured to run as a WINS server, a remote
unauthenticated user could cause the Samba server to crash or execute
arbitrary code. (CVE-2007-5398)

A heap-based buffer overflow flaw was found in the way Samba authenticates
users. A remote unauthenticated user could trigger this flaw to cause the
Samba server to crash. Careful analysis of this flaw has determined that
arbitrary code execution is not possible, and under most circumstances will
not result in a crash of the Samba server. (CVE-2007-4572)

A flaw was found in the way Samba assigned group IDs under certain
conditions. If the winbind nss info parameter in smb.conf is set to
either sfu or rfc2307, Samba users are incorrectly assigned the group
ID of 0. (CVE-2007-4138)

Red Hat would like to thank Alin Rad Pop of Secunia Research, Rick King,
and the Samba developers for responsibly disclosing these issues.

All Samba users are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-1016.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-4572
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
BugTraq ID: 26454
http://www.securityfocus.com/bid/26454
Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
http://www.securityfocus.com/archive/1/485936/100/0/threaded
Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
http://www.securityfocus.com/archive/1/486859/100/0/threaded
Cert/CC Advisory: TA07-352A
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Debian Security Information: DSA-1409 (Google Search)
http://www.debian.org/security/2007/dsa-1409
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html
http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml
HPdes Security Advisory: HPSBUX02316
http://marc.info/?l=bugtraq&m=120524782005154&w=2
HPdes Security Advisory: HPSBUX02341
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
HPdes Security Advisory: SSRT071495
HPdes Security Advisory: SSRT080075
http://www.mandriva.com/security/advisories?name=MDKSA-2007:224
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643
http://www.redhat.com/support/errata/RHSA-2007-1013.html
http://www.redhat.com/support/errata/RHSA-2007-1016.html
http://www.redhat.com/support/errata/RHSA-2007-1017.html
http://securitytracker.com/id?1018954
http://secunia.com/advisories/27450
http://secunia.com/advisories/27679
http://secunia.com/advisories/27682
http://secunia.com/advisories/27691
http://secunia.com/advisories/27701
http://secunia.com/advisories/27720
http://secunia.com/advisories/27731
http://secunia.com/advisories/27787
http://secunia.com/advisories/27927
http://secunia.com/advisories/28136
http://secunia.com/advisories/28368
http://secunia.com/advisories/29341
http://secunia.com/advisories/30484
http://secunia.com/advisories/30736
http://secunia.com/advisories/30835
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1
SuSE Security Announcement: SUSE-SA:2007:065 (Google Search)
http://www.novell.com/linux/security/advisories/2007_65_samba.html
https://usn.ubuntu.com/544-1/
http://www.ubuntu.com/usn/usn-544-2
http://www.ubuntu.com/usn/usn-617-1
http://www.vupen.com/english/advisories/2007/3869
http://www.vupen.com/english/advisories/2007/4238
http://www.vupen.com/english/advisories/2008/0064
http://www.vupen.com/english/advisories/2008/0859/references
http://www.vupen.com/english/advisories/2008/1712/references
http://www.vupen.com/english/advisories/2008/1908
XForce ISS Database: samba-nmbd-bo(38501)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38501
Common Vulnerability Exposure (CVE) ID: CVE-2007-4138
BugTraq ID: 25636
http://www.securityfocus.com/bid/25636
Bugtraq: 20070911 [SECURITY] Winbind's rfc2307 & SFU nss_info plugin in Samba 3.0.25[a-c] assigns users a primary gid of 0 by default (Google Search)
http://www.securityfocus.com/archive/1/479078/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00201.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10375
http://www.securitytracker.com/id?1018681
http://secunia.com/advisories/26764
http://secunia.com/advisories/26776
http://secunia.com/advisories/26795
http://secunia.com/advisories/26834
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.419439
http://securityreason.com/securityalert/3135
http://www.vupen.com/english/advisories/2007/3120
XForce ISS Database: samba-smb-privilege-escalation(36560)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36560
Common Vulnerability Exposure (CVE) ID: CVE-2007-5398
BugTraq ID: 26455
http://www.securityfocus.com/bid/26455
Bugtraq: 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability (Google Search)
http://www.securityfocus.com/archive/1/483744/100/0/threaded
http://secunia.com/secunia_research/2007-90/advisory/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811
http://securitytracker.com/id?1018953
http://secunia.com/advisories/27742
http://securityreason.com/securityalert/3372
XForce ISS Database: samba-replynetbiospacket-bo(38502)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38502
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.