Test ID:	1.3.6.1.4.1.25623.1.0.67643
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-951-1 (samba)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to samba announced via advisory USN-951-1. Details follow: Jun Mao discovered that Samba did not correctly validate SMB1 packet contents. An unauthenticated remote attacker could send specially crafted network traffic that could execute arbitrary code as the root user. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: samba 3.0.22-1ubuntu3.12 Ubuntu 8.04 LTS: samba 3.0.28a-1ubuntu4.12 Ubuntu 9.04: samba 2:3.3.2-1ubuntu3.5 In general, a standard system update will make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-951-1 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2063 1024107 http://www.securitytracker.com/id?1024107 20100616 Samba 3.3.12 Memory Corruption Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=873 40145 http://secunia.com/advisories/40145 40210 http://secunia.com/advisories/40210 40221 http://secunia.com/advisories/40221 40293 http://secunia.com/advisories/40293 40884 http://www.securityfocus.com/bid/40884 42319 http://secunia.com/advisories/42319 65518 http://osvdb.org/65518 ADV-2010-1486 http://www.vupen.com/english/advisories/2010/1486 ADV-2010-1504 http://www.vupen.com/english/advisories/2010/1504 ADV-2010-1505 http://www.vupen.com/english/advisories/2010/1505 ADV-2010-1507 http://www.vupen.com/english/advisories/2010/1507 ADV-2010-1517 http://www.vupen.com/english/advisories/2010/1517 ADV-2010-3063 http://www.vupen.com/english/advisories/2010/3063 APPLE-SA-2010-08-24-1 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html DSA-2061 http://www.debian.org/security/2010/dsa-2061 HPSBUX02609 http://marc.info/?l=bugtraq&m=129138831608422&w=2 HPSBUX02657 http://marc.info/?l=bugtraq&m=130835366526620&w=2 MDVSA-2010:119 http://www.mandriva.com/security/advisories?name=MDVSA-2010:119 RHSA-2010:0488 http://www.redhat.com/support/errata/RHSA-2010-0488.html SSA:2010-169-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.471914 SSRT100147 SSRT100460 SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html USN-951-1 http://ubuntu.com/usn/usn-951-1 [samba-announce] 20100616 Samba 3.3.13 Security Release Available for Download http://marc.info/?l=samba-announce&m=127668712312761&w=2 http://support.apple.com/kb/HT4312 http://www.samba.org/samba/ftp/history/samba-3.3.13.html http://www.samba.org/samba/ftp/patches/security/samba-3.0.37-CVE-2010-2063.patch http://www.samba.org/samba/ftp/patches/security/samba-3.3.12-CVE-2010-2063.patch http://www.samba.org/samba/security/CVE-2010-2063.html oval:org.mitre.oval:def:12427 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12427 oval:org.mitre.oval:def:7115 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7115 oval:org.mitre.oval:def:9859 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9859 samba-smb1-code-execution(59481) https://exchange.xforce.ibmcloud.com/vulnerabilities/59481
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.