 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.882773 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for samba4 CESA-2017:2791 centos6 |
| Zusammenfassung: | Check the version of samba4 |
| Beschreibung: | Summary: Check the version of samba4 Vulnerability Insight: Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix(es): * It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163) Red Hat would like to thank the Samba project for reporting CVE-2017-12150 and Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam), Stefan Metzmacher (SerNet), and Jeremy Allison (Google) for reporting CVE-2017-12163. Upstream acknowledges Stefan Metzmacher (SerNet) as the original reporter of CVE-2017-12150. Affected Software/OS: samba4 on CentOS 6 Solution: Please Install the Updated Packages. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-12150 BugTraq ID: 100918 http://www.securityfocus.com/bid/100918 Debian Security Information: DSA-3983 (Google Search) https://www.debian.org/security/2017/dsa-3983 RedHat Security Advisories: RHSA-2017:2789 https://access.redhat.com/errata/RHSA-2017:2789 RedHat Security Advisories: RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2790 RedHat Security Advisories: RHSA-2017:2791 https://access.redhat.com/errata/RHSA-2017:2791 RedHat Security Advisories: RHSA-2017:2858 https://access.redhat.com/errata/RHSA-2017:2858 http://www.securitytracker.com/id/1039401 Common Vulnerability Exposure (CVE) ID: CVE-2017-12163 100925 http://www.securityfocus.com/bid/100925 1039401 DSA-3983 RHSA-2017:2789 RHSA-2017:2790 RHSA-2017:2791 RHSA-2017:2858 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12163 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us https://security.netapp.com/advisory/ntap-20170921-0001/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us https://www.samba.org/samba/security/CVE-2017-12163.html https://www.synology.com/support/security/Synology_SA_17_57_Samba |
| Copyright | Copyright (C) 2017 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |