Test ID:	1.3.6.1.4.1.25623.1.0.54742
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200411-21 (samba)
Summary:	The remote host is missing updates announced in;advisory GLSA 200411-21.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200411-21. Vulnerability Insight: Samba is vulnerable to a buffer overflow that could lead to execution of arbitrary code (CVE-2004-0882). Another flaw in Samba may allow a remote attacker to cause a Denial of Service by excessive consumption of CPU cycles (CVE-2004-0930). Solution: All Samba users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/samba-3.0.8' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0930 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html BugTraq ID: 11624 http://www.securityfocus.com/bid/11624 Bugtraq: 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=109993720717957&w=2 Conectiva Linux advisory: CLA-2004:899 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899 http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false http://www.mandriva.com/security/advisories?name=MDKSA-2004:131 http://marc.info/?l=bugtraq&m=110330519803655&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936 SCO Security Bulletin: SCOSA-2005.17 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt SGI Security Advisory: 20041201-01-P ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1 SuSE Security Announcement: SUSE-SA:2004:040 (Google Search) http://www.novell.com/linux/security/advisories/2004_40_samba.html https://www.ubuntu.com/usn/usn-22-1/ XForce ISS Database: samba-msfnmatch-dos(17987) https://exchange.xforce.ibmcloud.com/vulnerabilities/17987 Common Vulnerability Exposure (CVE) ID: CVE-2004-0882 Bugtraq: 20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=110054671403755&w=2 Bugtraq: 20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd (Google Search) http://marc.info/?l=bugtraq&m=110055646329581&w=2 Bugtraq: 20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) (Google Search) CERT/CC vulnerability note: VU#457622 http://www.kb.cert.org/vuls/id/457622 Computer Incident Advisory Center Bulletin: P-038 http://www.ciac.org/ciac/bulletins/p-038.shtml http://security.e-matters.de/advisories/132004.html http://www.osvdb.org/11782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969 http://securitytracker.com/id?1012235 http://secunia.com/advisories/13189 http://www.trustix.net/errata/2004/0058/ XForce ISS Database: samba-qfilepathinfo-bo(18070) https://exchange.xforce.ibmcloud.com/vulnerabilities/18070
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.