Test ID:	1.3.6.1.4.1.25623.1.0.871870
Category:	Red Hat Local Security Checks
Title:	RedHat Update for samba RHSA-2017:1950-01
Summary:	The remote host is missing an update for the 'samba'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the referenced advisory. Vulnerability Insight: Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba (4.6.2). (BZ#1391954) Security Fix(es): * A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory. (CVE-2017-9461) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. Affected Software/OS: samba on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9461 BugTraq ID: 99455 http://www.securityfocus.com/bid/99455 https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html RedHat Security Advisories: RHSA-2017:1950 https://access.redhat.com/errata/RHSA-2017:1950 RedHat Security Advisories: RHSA-2017:2338 https://access.redhat.com/errata/RHSA-2017:2338 RedHat Security Advisories: RHSA-2017:2778 https://access.redhat.com/errata/RHSA-2017:2778
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.