CentOS Local Security Checks : CentOS: Security Advisory for ctdb (CESA-2022:0328)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.884198

Kategorie: CentOS Local Security Checks

Titel: CentOS: Security Advisory for ctdb (CESA-2022:0328)

Zusammenfassung: The remote host is missing an update for the 'ctdb'; package(s) announced via the CESA-2022:0328 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'ctdb'
package(s) announced via the CESA-2022:0328 advisory.

Vulnerability Insight:
Samba is an open-source implementation of the Server Message Block (SMB)
protocol and the related Common Internet File System (CIFS) protocol, which
allow PC-compatible machines to share files, printers, and various
information.

Security Fix(es):

* samba: Out-of-bounds heap read/write vulnerability in VFS module
vfs_fruit allows code execution (CVE-2021-44142)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Fix CVE-2020-25717 username map [script] advice (BZ#2034800)

* Fix Kerberos authentication on standalone server with MIT realm
(BZ#2036595)

Affected Software/OS:
'ctdb' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2021-44142
CERT/CC vulnerability note: https://kb.cert.org/vuls/id/119678
https://kb.cert.org/vuls/id/119678
https://bugzilla.samba.org/show_bug.cgi?id=14914
https://www.samba.org/samba/security/CVE-2021-44142.html
https://security.gentoo.org/glsa/202309-06
https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
Common Vulnerability Exposure (CVE) ID: CVE-2020-25717
https://bugzilla.redhat.com/show_bug.cgi?id=2019672
https://www.samba.org/samba/security/CVE-2020-25717.html

Copyright Copyright (C) 2022 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.884198
Kategorie:	CentOS Local Security Checks
Titel:	CentOS: Security Advisory for ctdb (CESA-2022:0328)
Zusammenfassung:	The remote host is missing an update for the 'ctdb'; package(s) announced via the CESA-2022:0328 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'ctdb' package(s) announced via the CESA-2022:0328 advisory. Vulnerability Insight: Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Fix CVE-2020-25717 username map [script] advice (BZ#2034800) * Fix Kerberos authentication on standalone server with MIT realm (BZ#2036595) Affected Software/OS: 'ctdb' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-44142 CERT/CC vulnerability note: https://kb.cert.org/vuls/id/119678 https://kb.cert.org/vuls/id/119678 https://bugzilla.samba.org/show_bug.cgi?id=14914 https://www.samba.org/samba/security/CVE-2021-44142.html https://security.gentoo.org/glsa/202309-06 https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin Common Vulnerability Exposure (CVE) ID: CVE-2020-25717 https://bugzilla.redhat.com/show_bug.cgi?id=2019672 https://www.samba.org/samba/security/CVE-2020-25717.html
Copyright	Copyright (C) 2022 Greenbone Networks GmbH