 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.68018 |
| Kategorie: | Red Hat Local Security Checks |
| Titel: | RedHat Security Advisory RHSA-2010:0697 |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing updates announced in advisory RHSA-2010:0697. Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers (SIDs). A malicious client could send a specially-crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-3069) For Red Hat Enterprise Linux 4, this update also fixes the following bug: * Previously, the restorecon utility was required during the installation of the samba-common package. As a result, attempting to update samba without this utility installed may have failed with the following error: /var/tmp/rpm-tmp.[xxxxx]: line 7: restorecon: command not found With this update, the utility is only used when it is already present on the system, and the package is now always updated as expected. (BZ#629602) Users of Samba are advised to upgrade to these updated packages, which correct these issues. After installing this update, the smb service will be restarted automatically. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0697.html http://www.redhat.com/security/updates/classification/#critical Risk factor : High CVSS Score: 7.5 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-3069 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html BugTraq ID: 43212 http://www.securityfocus.com/bid/43212 Bugtraq: 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console (Google Search) http://www.securityfocus.com/archive/1/515055/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html HPdes Security Advisory: HPSBUX02657 http://marc.info/?l=bugtraq&m=130835366526620&w=2 HPdes Security Advisory: SSRT100460 http://www.redhat.com/support/errata/RHSA-2010-0860.html http://www.securitytracker.com/id?1024434 http://secunia.com/advisories/41354 http://secunia.com/advisories/41447 http://secunia.com/advisories/42531 http://secunia.com/advisories/42885 SuSE Security Announcement: SUSE-SR:2010:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://www.ubuntu.com/usn/USN-987-1 http://www.vupen.com/english/advisories/2010/2378 http://www.vupen.com/english/advisories/2010/3126 http://www.vupen.com/english/advisories/2011/0091 XForce ISS Database: samba-sidparse-bo(61773) https://exchange.xforce.ibmcloud.com/vulnerabilities/61773 |
| Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |