Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA048] DSA-048-3 samba Vulnerability Scan

Vulnerability Scan Summary
DSA-048-3 samba

Detailed Explanation for this Vulnerability Test

Marcus Meissner discovered that samba was not creating temporary
files safely in two places:

when a remote user queried a printer queue samba would create a
temporary file in which the queue data would be written. This was being
done using a predictable filename, and insecurely, allowing a local
attacker to trick samba into overwriting arbitrary files.
smbclient "more" and "mput" commands also created temporary files
in /tmp insecurely.

Both problems have been fixed in version 2.0.7-3.2, and we recommend
that you upgrade your samba package immediately. (This problem is also fixed
in the Samba 2.2 codebase.)

Note: DSA-048-1 included an incorrectly compiled sparc package, which
the second edition fixed.

The third edition of the advisory was made because Marc Jacobsen from HP
discovered that the security fixes from samba 2.0.8 did not fully fix the
/tmp symlink attack problem. The samba team released version 2.0.9 to fix
that, and those fixes have been added to version 2.0.7-3.3 of the Debian
samba packages.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.