|
|
Family: Debian Local Security Checks --> Category: infos
[DSA463] DSA-463-1 samba Vulnerability Scan
Vulnerability Scan Summary
DSA-463-1 samba
Detailed Explanation for this Vulnerability Test
Samba, a LanManager-like file and printer server for Unix, was found
to contain a vulnerability whereby a local user could use the "smbmnt"
utility, which is setuid root, to mount a file share from a remote
server which contained setuid programs under the control of the user.
These programs could then be executed to gain rights on the local
system.
For the current stable distribution (woody) this problem has been
fixed in version 2.2.3a-13.
For the unstable distribution (sid) this problem has been fixed in
version 3.0.2-2.
We recommend that you update your samba package.
Solution : http://www.debian.org/security/2004/dsa-463
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
