SUSE-SA:2004:045: samba

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2004:045 (samba).


The Samba developers informed us about several potential integer overflow
issues in the Samba 2 and Samba 3 code.
This update adds constraints to the Samba server code which protects it
from using values from untrusted sources as operands in arithmetic
operations to determine heap memory space needed to copy data.
Without these limitations a remote attacker may be able to overflow the
heap memory of the process and to overwrite vital information structures
which can be abused to execute arbitrary code.

Solution :

http://www.suse.de/security/advisories/2004_45_samba.html

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 16304 ()

Bugtraq ID:

CVE ID: CVE-2004-1154

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now