Test ID:	1.3.6.1.4.1.25623.1.0.50990
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2003:096
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2003:096. Samba is a suite of utilities which provides file and printer sharing services to SMB/CIFS clients. Sebastian Krahmer discovered a security vulnerability present in unpatched versions of Samba prior to 2.2.8. An anonymous user could use the vulnerability to gain root access on the target machine. Additionally, a race condition could allow an attacker to overwrite critical system files. All users of Samba are advised to update to the erratum packages which contain patches to correct these vulnerabilities. These packages contain the security fixes backported to the Samba 2.2.7 codebase. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-096.html http://www.samba.org/samba/whatsnew/samba-2.2.8.html Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0085 http://www.securityfocus.com/archive/1/316165/30/25370/threaded BugTraq ID: 7106 http://www.securityfocus.com/bid/7106 Bugtraq: 20030317 GLSA: samba (200303-11) (Google Search) http://marc.info/?l=bugtraq&m=104792646416629&w=2 Bugtraq: 20030317 Security Bugfix for Samba - Samba 2.2.8 Released (Google Search) http://marc.info/?l=bugtraq&m=104792723017768&w=2 Bugtraq: 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) (Google Search) http://marc.info/?l=bugtraq&m=104801012929374&w=2 Bugtraq: 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL (Google Search) Bugtraq: 20030401 Immunix Secured OS 7+ samba update (Google Search) http://www.securityfocus.com/archive/1/317145/30/25220/threaded CERT/CC vulnerability note: VU#298233 http://www.kb.cert.org/vuls/id/298233 Debian Security Information: DSA-262 (Google Search) http://www.debian.org/security/2003/dsa-262 http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml Immunix Linux Advisory: IMNX-2003-7+-003-01 http://www.mandriva.com/security/advisories?name=MDKSA-2003:032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A552 http://www.redhat.com/support/errata/RHSA-2003-095.html http://www.redhat.com/support/errata/RHSA-2003-096.html http://secunia.com/advisories/8299 http://secunia.com/advisories/8303 SGI Security Advisory: 20030302-01-I ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I SuSE Security Announcement: SuSE-SA:2003:016 (Google Search) http://www.novell.com/linux/security/advisories/2003_016_samba.html Common Vulnerability Exposure (CVE) ID: CVE-2003-0086 BugTraq ID: 7107 http://www.securityfocus.com/bid/7107 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A554
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.