|
Family: Ubuntu Local Security Checks --> Category: infos
USN22-1 : samba vulnerability Vulnerability Scan
Vulnerability Scan Summary samba vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- libpam-smbpass
- libsmbclient
- libsmbclient-dev
- python2.3-samba
- samba
- samba-common
- samba-doc
- smbclient
- smbfs
- swat
- winbind
Description :
Karol Wiesek discovered a Denial of Service vulnerability in samba. A
flaw in the input validation routines used to match filename strings
containing wildcard characters may allow a remote user to consume more
than normal amounts of CPU resources, thus impacting the performance
and response of the server. In some circumstances the server can
become entirely unresponsive.
Solution :
Upgrade to :
- libpam-smbpass-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- libsmbclient-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- libsmbclient-dev-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- python2.3-samba-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- samba-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- samba-common-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- samba-doc-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- smbclient-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- smbfs-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- swat-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
- winbind-3.0.7-1ubuntu6.1 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|