Test ID:	1.3.6.1.4.1.25623.1.0.70951
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1226-1 (smbfs)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to smbfs announced via advisory USN-1226-1. Details: Dan Rosenberg discovered that Samba incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. (CVE-2011-1678) Jan Lieskovsky discovered that Samba incorrectly filtered certain strings being added to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. This issue only affected Ubuntu 10.04 LTS. (CVE-2011-2724) Dan Rosenberg discovered that Samba incorrectly handled the mtab lock file. A local attacker could use this issue to create a stale lock file, possibly leading to a denial of service. (CVE-2011-3585) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: smbfs 2:3.4.7~ dfsg-1ubuntu3.8 Ubuntu 8.04 LTS: smbfs 3.0.28a-1ubuntu4.16 http://www.securityspace.com/smysecure/catid.html?in=USN-1226-1 CVSS Score: 3.3 CVSS Vector: AV:L/AC:H/Au:NR/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1678 http://www.mandriva.com/security/advisories?name=MDVSA-2011:148 https://bugzilla.redhat.com/show_bug.cgi?id=688980 http://openwall.com/lists/oss-security/2011/03/04/11 http://openwall.com/lists/oss-security/2011/03/04/9 http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/12 http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 http://openwall.com/lists/oss-security/2011/03/07/9 http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall.com/lists/oss-security/2011/03/14/5 http://openwall.com/lists/oss-security/2011/03/14/7 http://openwall.com/lists/oss-security/2011/03/15/6 http://openwall.com/lists/oss-security/2011/03/22/4 http://openwall.com/lists/oss-security/2011/03/22/6 http://openwall.com/lists/oss-security/2011/03/31/3 http://openwall.com/lists/oss-security/2011/03/31/4 http://openwall.com/lists/oss-security/2011/04/01/2 XForce ISS Database: samba-smbfs-security-bypass(66702) https://exchange.xforce.ibmcloud.com/vulnerabilities/66702 Common Vulnerability Exposure (CVE) ID: CVE-2011-2724 1025984 http://www.securitytracker.com/id?1025984 45798 http://secunia.com/advisories/45798 MDVSA-2011:148 RHSA-2011:1220 http://www.redhat.com/support/errata/RHSA-2011-1220.html RHSA-2011:1221 http://www.redhat.com/support/errata/RHSA-2011-1221.html [oss-security] 20110729 CVE-2011-2724 assignment notification -- samba -- incomplete fix for CVE-2010-0547 issue http://openwall.com/lists/oss-security/2011/07/29/9 http://comments.gmane.org/gmane.linux.kernel.cifs/3827 http://git.samba.org/?p=cifs-utils.git%3Ba=commit%3Bh=1e7a32924b22d1f786b6f490ce8590656f578f91 https://bugzilla.redhat.com/show_bug.cgi?id=726691 Common Vulnerability Exposure (CVE) ID: CVE-2011-3585 https://bugzilla.redhat.com/show_bug.cgi?id=742907 https://bugzilla.samba.org/show_bug.cgi?id=7179 https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee0294d9b371071cb08268200 https://www.openwall.com/lists/oss-security/2011/09/27/1 https://www.openwall.com/lists/oss-security/2011/09/30/5
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.