|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA280] DSA-280-1 samba Vulnerability Assessment Details
|
[DSA280] DSA-280-1 samba |
||
|
DSA-280-1 samba Detailed Explanation for this Vulnerability Assessment Digital Defense, Inc. has alerted the Samba Team to a serious vulnerability in Samba, a LanManager-like file and printer server for Unix. This vulnerability can lead to an anonymous user gaining root access on a Samba serving system. An exploit for this problem is already circulating and in use. Since the packages for potato are quite old it is likely that they contain more security-relevant bugs that we don't know of. You are therefore advised to upgrade your systems running Samba to woody soon. Unofficial backported packages from the Samba maintainers for version 2.2.8 of Samba for woody are available at ~peloy and ~vorlon. For the stable distribution (woody) this problem has been fixed in version 2.2.3a-12.3. For the old stable distribution (potato) this problem has been fixed in version 2.0.7-5.1. The unstable distribution (sid) is not affected since it contains version 3.0 packages already. We recommend that you upgrade your Samba packages immediately. Solution : http://www.debian.org/security/2003/dsa-280 Network Security Threat Level: High Networks Security ID: 7294, 7295 Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi |
||
|
Router Components, Memory |
|
||
|
No Discussions have been posted on this vulnerability. |