Test ID:	1.3.6.1.4.1.25623.1.0.59630
Category:	Fedora Local Security Checks
Title:	Fedora Core 6 FEDORA-2007-751 (samba)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to samba announced via advisory FEDORA-2007-751. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB server that can be used to provide network services to SMB (sometimes called Lan Manager) clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. * Thu Nov 15 2007 Simo Sorce 3.0.24-8.fc6 - Fix CVE-2007-4572 - Fix CVE-2007-5398 Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-751 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4572 1018954 http://securitytracker.com/id?1018954 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages http://www.securityfocus.com/archive/1/485936/100/0/threaded 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages http://www.securityfocus.com/archive/1/486859/100/0/threaded 237764 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1 26454 http://www.securityfocus.com/bid/26454 27450 http://secunia.com/advisories/27450 27679 http://secunia.com/advisories/27679 27682 http://secunia.com/advisories/27682 27691 http://secunia.com/advisories/27691 27701 http://secunia.com/advisories/27701 27720 http://secunia.com/advisories/27720 27731 http://secunia.com/advisories/27731 27787 http://secunia.com/advisories/27787 27927 http://secunia.com/advisories/27927 28136 http://secunia.com/advisories/28136 28368 http://secunia.com/advisories/28368 29341 http://secunia.com/advisories/29341 30484 http://secunia.com/advisories/30484 30736 http://secunia.com/advisories/30736 30835 http://secunia.com/advisories/30835 ADV-2007-3869 http://www.vupen.com/english/advisories/2007/3869 ADV-2007-4238 http://www.vupen.com/english/advisories/2007/4238 ADV-2008-0064 http://www.vupen.com/english/advisories/2008/0064 ADV-2008-0859 http://www.vupen.com/english/advisories/2008/0859/references ADV-2008-1712 http://www.vupen.com/english/advisories/2008/1712/references ADV-2008-1908 http://www.vupen.com/english/advisories/2008/1908 APPLE-SA-2007-12-17 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html DSA-1409 http://www.debian.org/security/2007/dsa-1409 FEDORA-2007-3402 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html GLSA-200711-29 http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml HPSBUX02316 http://marc.info/?l=bugtraq&m=120524782005154&w=2 HPSBUX02341 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657 MDKSA-2007:224 http://www.mandriva.com/security/advisories?name=MDKSA-2007:224 RHSA-2007:1013 http://www.redhat.com/support/errata/RHSA-2007-1013.html RHSA-2007:1016 http://www.redhat.com/support/errata/RHSA-2007-1016.html RHSA-2007:1017 http://www.redhat.com/support/errata/RHSA-2007-1017.html SSA:2007-320-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739 SSRT071495 SSRT080075 SUSE-SA:2007:065 http://www.novell.com/linux/security/advisories/2007_65_samba.html TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html USN-544-1 https://usn.ubuntu.com/544-1/ USN-544-2 http://www.ubuntu.com/usn/usn-544-2 USN-617-1 http://www.ubuntu.com/usn/usn-617-1 [Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages http://lists.vmware.com/pipermail/security-announce/2008/000002.html http://docs.info.apple.com/article.html?artnum=307179 http://us1.samba.org/samba/security/CVE-2007-4572.html http://www.vmware.com/security/advisories/VMSA-2008-0001.html https://issues.rpath.com/browse/RPL-1894 oval:org.mitre.oval:def:11132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132 oval:org.mitre.oval:def:5643 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643 samba-nmbd-bo(38501) https://exchange.xforce.ibmcloud.com/vulnerabilities/38501 Common Vulnerability Exposure (CVE) ID: CVE-2007-5398 BugTraq ID: 26455 http://www.securityfocus.com/bid/26455 Bugtraq: 20071115 Secunia Research: Samba "reply_netbios_packet()" Buffer OverflowVulnerability (Google Search) http://www.securityfocus.com/archive/1/483744/100/0/threaded Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) Cert/CC Advisory: TA07-352A Debian Security Information: DSA-1409 (Google Search) HPdes Security Advisory: HPSBUX02316 HPdes Security Advisory: HPSBUX02341 HPdes Security Advisory: SSRT071495 HPdes Security Advisory: SSRT080075 http://secunia.com/secunia_research/2007-90/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10230 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5811 http://securitytracker.com/id?1018953 http://secunia.com/advisories/27742 http://securityreason.com/securityalert/3372 SuSE Security Announcement: SUSE-SA:2007:065 (Google Search) XForce ISS Database: samba-replynetbiospacket-bo(38502) https://exchange.xforce.ibmcloud.com/vulnerabilities/38502
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.