Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 1291-2 (samba)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to samba announced via advisory DSA 1291-2.
Insight
Insight
This update to DSA-1291 covers the old stable version of Debian, 3.1 (sarge). The current stable distribution, 4.0 (etch) was updated previously. Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux. CVE-2007-2446 Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. CVE-2007-2447 Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution For the old stable distribution (sarge), these problems have been fixed in version 3.0.14a-3sarge6 We recommend that you upgrade your samba package.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201291-2