Executive Summary
Summary | |
---|---|
Title | samba security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0289 | First vendor Publication | 2008-05-28 |
Vendor | RedHat | Last vendor Modification | 2008-05-28 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated samba packages that fix a security issue are now available for Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4.5.z - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 4.5.z - i386, ia64, x86_64 3. Description: Samba is a suite of programs used by machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the way Samba clients handle over-sized packets. If a client connected to a malicious Samba server, it was possible to execute arbitrary code as the Samba client user. It was also possible for a remote user to send a specially crafted print request to a Samba server that could result in the server executing the vulnerable client code, resulting in arbitrary code execution with the permissions of the Samba server. (CVE-2008-1105) Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing this issue. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 446724 - CVE-2008-1105 Samba client buffer overflow |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0289.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10020 | |||
Oval ID: | oval:org.mitre.oval:def:10020 | ||
Title: | Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. | ||
Description: | Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1105 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17391 | |||
Oval ID: | oval:org.mitre.oval:def:17391 | ||
Title: | USN-617-1 -- samba vulnerabilities | ||
Description: | Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-617-1 CVE-2007-4572 CVE-2008-1105 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | samba |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17424 | |||
Oval ID: | oval:org.mitre.oval:def:17424 | ||
Title: | USN-617-2 -- samba regression | ||
Description: | USN-617-1 fixed vulnerabilities in Samba. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-617-2 CVE-2007-4572 CVE-2008-1105 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | samba |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18720 | |||
Oval ID: | oval:org.mitre.oval:def:18720 | ||
Title: | DSA-1590-1 samba - arbitrary code execution | ||
Description: | Alin Rad Pop discovered that Samba contained a buffer overflow condition when processing certain responses received while acting as a client, leading to arbitrary code execution (<a href="http://security-tracker.debian.org/tracker/CVE-2008-1105">CVE-2008-1105</a>). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1590-1 CVE-2008-1105 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | samba |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21727 | |||
Oval ID: | oval:org.mitre.oval:def:21727 | ||
Title: | ELSA-2008:0290: samba security and bug fix update (Critical) | ||
Description: | Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0290-01 CVE-2008-1105 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | samba |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5733 | |||
Oval ID: | oval:org.mitre.oval:def:5733 | ||
Title: | HP-UX running HP CIFS Server (Samba), Remote Execution of Arbitrary Code | ||
Description: | Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1105 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004 File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for Samba File : nvt/sles10_cifs-mount0.nasl |
2009-10-10 | Name : SLES9: Security update for Samba File : nvt/sles9p5027560.nasl |
2009-05-05 | Name : HP-UX Update for HP CIFS Server (Samba) HPSBUX02341 File : nvt/gb_hp_ux_HPSBUX02341.nasl |
2009-03-23 | Name : Ubuntu Update for samba regression USN-617-2 File : nvt/gb_ubuntu_USN_617_2.nasl |
2009-03-23 | Name : Ubuntu Update for samba vulnerabilities USN-617-1 File : nvt/gb_ubuntu_USN_617_1.nasl |
2009-03-06 | Name : RedHat Update for samba RHSA-2008:0288-01 File : nvt/gb_RHSA-2008_0288-01_samba.nasl |
2009-03-06 | Name : RedHat Update for samba RHSA-2008:0290-01 File : nvt/gb_RHSA-2008_0290-01_samba.nasl |
2009-02-27 | Name : CentOS Update for samba CESA-2008:0288-01 centos2 i386 File : nvt/gb_CESA-2008_0288-01_samba_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for samba CESA-2008:0288 centos3 i386 File : nvt/gb_CESA-2008_0288_samba_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for samba CESA-2008:0288 centos3 x86_64 File : nvt/gb_CESA-2008_0288_samba_centos3_x86_64.nasl |
2009-02-17 | Name : Fedora Update for samba FEDORA-2008-4797 File : nvt/gb_fedora_2008_4797_samba_fc7.nasl |
2009-02-17 | Name : Fedora Update for samba FEDORA-2008-7243 File : nvt/gb_fedora_2008_7243_samba_fc9.nasl |
2009-02-17 | Name : Fedora Update for samba FEDORA-2008-4724 File : nvt/gb_fedora_2008_4724_samba_fc9.nasl |
2009-02-17 | Name : Fedora Update for samba FEDORA-2008-4679 File : nvt/gb_fedora_2008_4679_samba_fc8.nasl |
2009-02-16 | Name : Fedora Update for samba FEDORA-2008-10638 File : nvt/gb_fedora_2008_10638_samba_fc8.nasl |
2009-02-16 | Name : Fedora Update for samba FEDORA-2008-10518 File : nvt/gb_fedora_2008_10518_samba_fc9.nasl |
2009-01-23 | Name : SuSE Update for samba SUSE-SA:2008:026 File : nvt/gb_suse_2008_026.nasl |
2009-01-13 | Name : Fedora Core 9 FEDORA-2009-0268 (samba) File : nvt/fcore_2009_0268.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-23 (samba) File : nvt/glsa_200805_23.nasl |
2008-09-06 | Name : Samba 3.0.0 > 3.0.29 vulnerability File : nvt/samba_CB-A08-0085.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1590-1 (samba) File : nvt/deb_1590_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-149-01 samba File : nvt/esoft_slk_ssa_2008_149_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45657 | Samba lib/util_sock.c receive_smb_raw() Function Crafted Packet Handling Over... |
Snort® IPS/IDS
Date | Description |
---|---|
2015-01-06 | SMB server response heap overflow attempt RuleID : 32631 - Revision : 2 - Type : NETBIOS |
2014-01-10 | SMB server response heap overflow attempt RuleID : 13901 - Revision : 16 - Type : NETBIOS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0290.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0288.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0289.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080528_samba_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080528_samba_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0290.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12165.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2008-0011.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-108.nasl - Type : ACT_GATHER_INFO |
2008-09-19 | Name : The remote multi-function device allows execution of arbitrary code. File : xerox_xrx08_009.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-617-2.nasl - Type : ACT_GATHER_INFO |
2008-07-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-004.nasl - Type : ACT_GATHER_INFO |
2008-07-01 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_4.nasl - Type : ACT_GATHER_INFO |
2008-06-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-617-1.nasl - Type : ACT_GATHER_INFO |
2008-06-05 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cifs-mount-5292.nasl - Type : ACT_GATHER_INFO |
2008-06-05 | Name : The remote openSUSE host is missing a security update. File : suse_cifs-mount-5294.nasl - Type : ACT_GATHER_INFO |
2008-06-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-23.nasl - Type : ACT_GATHER_INFO |
2008-06-02 | Name : The remote Fedora host is missing a security update. File : fedora_2008-4797.nasl - Type : ACT_GATHER_INFO |
2008-06-02 | Name : The remote Fedora host is missing a security update. File : fedora_2008-4724.nasl - Type : ACT_GATHER_INFO |
2008-06-02 | Name : The remote Fedora host is missing a security update. File : fedora_2008-4679.nasl - Type : ACT_GATHER_INFO |
2008-06-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1590.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0288.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote Samba server may be affected by a buffer overflow vulnerability. File : samba_3_0_30.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0290.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-149-01.nasl - Type : ACT_GATHER_INFO |
2008-05-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0288.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:38 |
|