English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59467
Category:Fedora Local Security Checks
Title:Fedora Core 5 FEDORA-2007-219 (samba)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to samba
announced via advisory FEDORA-2007-219.


Samba is the suite of programs by which a lot of PC-related machines
share files, printers, and other information (such as lists of
available files and printers). The Windows NT, OS/2, and Linux
operating systems support this natively, and add-on packages can
enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
and more. This package provides an SMB server that can be used to
provide network services to SMB (sometimes called Lan Manager)
clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.


* Wed Feb 7 2007 Jay Fenlason 3.0.24-1.fc5
- New upstream release
- Update the -man patch to work with 3.0.24
- This release
fixes CVE-2007-0452 Samba smbd denial of service
* Tue Sep 26 2006 Jay Fenlason 3.0.23c-1.fc5
- Include the newer smb.init that includes the configtest option
- Upgrade to 3.0.23c, obsoleting the -samr_alias patch.
* Wed Aug 9 2006 Jay Fenlason 3.0.23b-1.fc5
- New upstream release, fixing some annoying bugs.
* Mon Jul 24 2006 Jay Fenlason 3.0.23a-1.fc5.1
- Fix the -logfiles patch to close
bz#199607 Samba compiled with wrong log path.
bz#199206 smb.conf has incorrect log file path
* Mon Jul 24 2006 Jay Fenlason 3.0.23a-1.fc5
- Upgrade to new upstream 3.0.23a
- include upstream samr_alias patch
* Wed Jul 12 2006 Jay Fenlason 3.0.23-1.fc5
- Upgrade to 3.0.23 to close
bz#197836 CVE-2006-3403 Samba denial of service
- include related spec file, filter-requires-samba.sh and patch changes
from rawhide.
- include the fixed smb.init file from rawhide, closing
bz#182560 Wrong retval for initscript when smbd is dead

Solution: Apply the appropriate updates.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/


This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.


http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-219

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-0452
1017587
http://securitytracker.com/id?1017587
200588
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
2007-0007
http://www.trustix.org/errata/2007/0007
20070201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
20070205 [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d
http://www.securityfocus.com/archive/1/459167/100/0/threaded
20070207 rPSA-2007-0026-1 samba samba-swat
http://www.securityfocus.com/archive/1/459365/100/0/threaded
2219
http://securityreason.com/securityalert/2219
22395
http://www.securityfocus.com/bid/22395
24021
http://secunia.com/advisories/24021
24030
http://secunia.com/advisories/24030
24046
http://secunia.com/advisories/24046
24060
http://secunia.com/advisories/24060
24067
http://secunia.com/advisories/24067
24076
http://secunia.com/advisories/24076
24101
http://secunia.com/advisories/24101
24140
http://secunia.com/advisories/24140
24145
http://secunia.com/advisories/24145
24151
http://secunia.com/advisories/24151
24188
http://secunia.com/advisories/24188
24284
http://secunia.com/advisories/24284
24792
http://secunia.com/advisories/24792
33100
http://osvdb.org/33100
ADV-2007-0483
http://www.vupen.com/english/advisories/2007/0483
ADV-2007-1278
http://www.vupen.com/english/advisories/2007/1278
DSA-1257
http://www.debian.org/security/2007/dsa-1257
FEDORA-2007-219
http://fedoranews.org/cms/node/2579
FEDORA-2007-220
http://fedoranews.org/cms/node/2580
GLSA-200702-01
http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml
HPSBUX02204
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462
MDKSA-2007:034
http://www.mandriva.com/security/advisories?name=MDKSA-2007:034
RHSA-2007:0060
http://www.redhat.com/support/errata/RHSA-2007-0060.html
RHSA-2007:0061
http://www.redhat.com/support/errata/RHSA-2007-0061.html
SSA:2007-038-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
SSRT071341
SUSE-SA:2007:016
http://lists.suse.com/archive/suse-security-announce/2007-Feb/0002.html
USN-419-1
http://www.ubuntu.com/usn/usn-419-1
http://us1.samba.org/samba/security/CVE-2007-0452.html
https://issues.rpath.com/browse/RPL-1005
oval:org.mitre.oval:def:9758
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9758
samba-smbd-filerename-dos(32301)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32301
Common Vulnerability Exposure (CVE) ID: CVE-2006-3403
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
BugTraq ID: 18927
http://www.securityfocus.com/bid/18927
Bugtraq: 20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd (Google Search)
http://www.securityfocus.com/archive/1/439875/100/0/threaded
Bugtraq: 20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd (Google Search)
http://www.securityfocus.com/archive/1/439757/100/0/threaded
Bugtraq: 20060711 rPSA-2006-0128-1 samba samba-swat (Google Search)
http://www.securityfocus.com/archive/1/439880/100/100/threaded
Bugtraq: 20060720 Samba Internal Data Structures DOS Vulnerability Exploit (Google Search)
http://www.securityfocus.com/archive/1/440767/100/0/threaded
Bugtraq: 20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit (Google Search)
http://www.securityfocus.com/archive/1/440836/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search)
http://www.securityfocus.com/archive/1/451404/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451417/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451426/100/200/threaded
Cert/CC Advisory: TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
CERT/CC vulnerability note: VU#313836
http://www.kb.cert.org/vuls/id/313836
Debian Security Information: DSA-1110 (Google Search)
http://www.debian.org/security/2006/dsa-1110
http://security.gentoo.org/glsa/glsa-200607-10.xml
HPdes Security Advisory: HPSBUX02155
http://www.securityfocus.com/archive/1/448957/100/0/threaded
HPdes Security Advisory: SSRT061235
http://www.mandriva.com/security/advisories?name=MDKSA-2006:120
http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355
http://www.redhat.com/support/errata/RHSA-2006-0591.html
http://securitytracker.com/id?1016459
http://secunia.com/advisories/20980
http://secunia.com/advisories/20983
http://secunia.com/advisories/21018
http://secunia.com/advisories/21019
http://secunia.com/advisories/21046
http://secunia.com/advisories/21086
http://secunia.com/advisories/21143
http://secunia.com/advisories/21159
http://secunia.com/advisories/21187
http://secunia.com/advisories/21190
http://secunia.com/advisories/21262
http://secunia.com/advisories/22875
http://secunia.com/advisories/23155
SGI Security Advisory: 20060703-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876
SuSE Security Announcement: SUSE-SR:2006:017 (Google Search)
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.ubuntu.com/usn/usn-314-1
http://www.vupen.com/english/advisories/2006/2745
http://www.vupen.com/english/advisories/2006/4502
http://www.vupen.com/english/advisories/2006/4750
XForce ISS Database: samba-smbd-connection-dos(27648)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27648
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.