|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA065] DSA-065-1 samba Vulnerability Assessment Details
|
[DSA065] DSA-065-1 samba |
||
DSA-065-1 samba Detailed Explanation for this Vulnerability Assessment Michal Zalewski discovered that Samba does not properly validate NetBIOS names from remote machines. By itself that is not a problem, except if Samba is configured to write log-files to a file that includes the NetBIOS name of the remote side by using the `%m' macro in the `log file' command. In that case a possible hacker could use a NetBIOS name like '../tmp/evil'. If the log-file was set to "/var/log/samba/%s" Samba would then write to /var/tmp/evil. Since the NetBIOS name is limited to 15 characters and the `log file' command could have an extension to the filename the results of this are limited. However if the attacker is also able to create symbolic links on the Samba server they could trick Samba into appending any data they want to all files on the filesystem which Samba can write to. The Debian GNU/Linux packaged version of Samba has a safe configuration and is not vulnerable. As temporary workaround for systems that are vulnerable change all occurrences of the `%m' macro in smb.conf to `%l' and restart Samba. This has been fixed in version 2.0.7-3.4, and we recommend that you upgrade your Samba package immediately. Solution : http://www.debian.org/security/2001/dsa-065 Network Security Threat Level: High Networks Security ID: 2927 Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi |
||
Cables, Connectors |
LSI 9305-16i SATA SAS 12Gbs RAID Controller PCIe 3.0 x8 IT-Mode 4* 8643 SATA
$229.99
ACASIS 2.5/3.5 inch 2 Bay SATA USB 3.0 Hard Drive Disk HDD SSD Enclosure 4 RAID
$58.99
HPE 869102-001 Smart Array E208i-a SR Gen10 Storage Controller RAID SP: 871039
$116.99
Lot of 4 - Genuine Dell (62P9H) PERC H710 512MB Mini Blade 6Gbps SAS Raid
$44.99
Inspur LSI 9300-8i Raid Card 12Gbps HBA HDD Controller High Profile IT MODE
$15.98
LSI MegaRAID 9361-8i 12Gb PCIe 8-Port SAS/SATA RAID 1Gb w/BBU/CacheVault/License
$39.95
ORICO Multi Bay RAID Hard Drive Enclosure USB 3.0/ Type-C For 2.5/3.5'' HDD SSDs
$82.49
LSI MegaRAID 9361-8i 12Gbps PCIe 3 x8 SATA SAS 3 8 Port RAID + BBU & CacheVault
$39.00
2 Bay RAID Hard Drive Enclosure USB 3.0 Type-B for 2.5" SATA SSD/HDD Enclosure
$59.99
Dell PERC H330 PCIe 3.0 x8 RAID Storage Controller 04Y5H1 High Profile
$17.99
|
||
No Discussions have been posted on this vulnerability. |