Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 280-1 (samba)

Information

Severity

Severity

Critical

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

16 years ago

Modified

Modified

6 years ago

Summary

The remote host is missing an update to samba announced via advisory DSA 280-1.

Insight

Insight

Digital Defense, Inc. has alerted the Samba Team to a serious vulnerability in, a LanManager-like file and printer server for Unix. This vulnerability can lead to an anonymous user gaining root access on a Samba serving system. An exploit for this problem is already circulating and in use. Since the packags for potato are quite old it is likely that they contain more security-relevant bugs that we know of. You are therefore advised to upgrade your systems running Samba to woody soon. Unofficial backported packages from the Samba maintainers for version 2.2.8 of Samba for woody are available at <http://poeple.debian.org/~peloy/> and <http://poeple.debian.org/~vorlon/>. For the stable distribution (woody) this problem has been fixed in version 2.2.3a-12.3. For the old stable distribution (potato) this problem has been fixed in version 2.0.7-5.1. The unstable distribution (sid) is not affected since it contains version 3.0 packages already. We recommend that you upgrade your Samba packages immediately.

Solution

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20280-1

Common Vulnerabilities and Exposures (CVE)