| Description: | Description:
The remote host is missing an update to samba
announced via advisory MDKSA-2004:071.
A vulnerability was discovered in SWAT, the Samba Web Administration
Tool. The routine used to decode the base64 data during HTTP basic
authentication is subject to a buffer overrun caused by an invalid
base64 character. This same code is also used to internally decode
the sambaMungedDial attribute value when using the ldapsam passdb
backend, and to decode input given to the ntlm_auth tool.
This vulnerability only exists in Samba versions 3.0.2 or later
the 3.0.5 release fixes the vulnerability. Systems using SWAT, the
ldapsam passdb backend, and tose running winbindd and allowing third-
party applications to issue authentication requests via ntlm_auth
tool should upgrade immediately. (CVE-2004-0600)
A buffer overrun has been located in the code used to support
the 'mangling method = hash' smb.conf option. Please be aware
that the default setting for this parameter is 'mangling method
= hash2' and therefore not vulnerable. This bug is present in
Samba 3.0.0 and later, as well as Samba 2.2.X (CVE-2004-0686)
This update also fixes a bug where attempting to print in some cases
would cause smbd to exit with a signal 11.
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686
Risk factor : Critical
CVSS Score:
10.0
|
