Test Kennung:	1.3.6.1.4.1.25623.1.1.4.2014.0723.1
Kategorie:	SuSE Local Security Checks
Titel:	SUSE: Security Advisory (SUSE-SU-2014:0723-1)
Zusammenfassung:	The remote host is missing an update for the 'Samba' package(s) announced via the SUSE-SU-2014:0723-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'Samba' package(s) announced via the SUSE-SU-2014:0723-1 advisory. Vulnerability Insight: This is a LTSS roll-up update for the Samba Server suite fixing multiple security issues and bugs. Security issues fixed: * CVE-2013-4496: Password lockout was not enforced for SAMR password changes, leading to brute force possibility. * CVE-2013-4408: DCE-RPC fragment length field is incorrectly checked. * CVE-2013-4124: Samba was affected by a denial of service attack on authenticated or guest connections. * CVE-2013-0214: The SWAT webadministration was affected by a cross site scripting attack (XSS). * CVE-2013-0213: The SWAT webadministration could possibly be used in clickjacking attacks. Security Issue references: * CVE-2012-6150 * CVE-2013-0213 * CVE-2013-0214 * CVE-2013-4124 * CVE-2013-4408 * CVE-2013-4496 Affected Software/OS: 'Samba' package(s) on SUSE Linux Enterprise Server 11 SP1. Solution: Please install the updated package(s). CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-6150 http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html http://security.gentoo.org/glsa/glsa-201502-15.xml HPdes Security Advisory: HPSBUX03087 http://marc.info/?l=bugtraq&m=141660010015249&w=2 HPdes Security Advisory: SSRT101413 http://www.mandriva.com/security/advisories?name=MDVSA-2013:299 http://openwall.com/lists/oss-security/2013/12/03/5 https://lists.samba.org/archive/samba-technical/2012-June/084593.html https://lists.samba.org/archive/samba-technical/2013-November/096411.html RedHat Security Advisories: RHSA-2014:0330 http://rhn.redhat.com/errata/RHSA-2014-0330.html SuSE Security Announcement: SUSE-SU-2014:0024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00002.html SuSE Security Announcement: openSUSE-SU-2013:1921 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00088.html SuSE Security Announcement: openSUSE-SU-2014:0405 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00063.html SuSE Security Announcement: openSUSE-SU-2016:1106 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html SuSE Security Announcement: openSUSE-SU-2016:1107 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html http://www.ubuntu.com/usn/USN-2054-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-0213 BugTraq ID: 57631 http://www.securityfocus.com/bid/57631 Debian Security Information: DSA-2617 (Google Search) http://www.debian.org/security/2013/dsa-2617 RedHat Security Advisories: RHSA-2013:1310 http://rhn.redhat.com/errata/RHSA-2013-1310.html RedHat Security Advisories: RHSA-2013:1542 http://rhn.redhat.com/errata/RHSA-2013-1542.html RedHat Security Advisories: RHSA-2014:0305 http://rhn.redhat.com/errata/RHSA-2014-0305.html SuSE Security Announcement: SUSE-SU-2013:0326 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00019.html SuSE Security Announcement: SUSE-SU-2013:0519 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00042.html SuSE Security Announcement: openSUSE-SU-2013:0277 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-02/msg00029.html SuSE Security Announcement: openSUSE-SU-2013:0281 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-02/msg00033.html http://www.ubuntu.com/usn/USN-2922-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-0214 http://osvdb.org/89627 Common Vulnerability Exposure (CVE) ID: CVE-2013-4124 Bugtraq: 20130806 [slackware-security] samba (SSA:2013-218-03) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-08/0028.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113591.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114011.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:207 http://osvdb.org/95969 RedHat Security Advisories: RHSA-2013:1543 http://rhn.redhat.com/errata/RHSA-2013-1543.html http://www.securitytracker.com/id/1028882 http://secunia.com/advisories/54519 SuSE Security Announcement: openSUSE-SU-2013:1339 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00012.html SuSE Security Announcement: openSUSE-SU-2013:1349 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00015.html http://www.ubuntu.com/usn/USN-1966-1 XForce ISS Database: samba-cve20134121-dos(86185) https://exchange.xforce.ibmcloud.com/vulnerabilities/86185 Common Vulnerability Exposure (CVE) ID: CVE-2013-4408 BugTraq ID: 64191 http://www.securityfocus.com/bid/64191 Debian Security Information: DSA-2812 (Google Search) http://www.debian.org/security/2013/dsa-2812 RedHat Security Advisories: RHSA-2013:1805 http://rhn.redhat.com/errata/RHSA-2013-1805.html RedHat Security Advisories: RHSA-2013:1806 http://rhn.redhat.com/errata/RHSA-2013-1806.html RedHat Security Advisories: RHSA-2014:0009 http://rhn.redhat.com/errata/RHSA-2014-0009.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4496 BugTraq ID: 66336 http://www.securityfocus.com/bid/66336 http://www.mandriva.com/security/advisories?name=MDVSA-2015:082 SuSE Security Announcement: openSUSE-SU-2014:0404 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00062.html http://www.ubuntu.com/usn/USN-2156-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.