Mandriva Linux Security Advisory : samba (MDVSA-2010:119)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

A vulnerability has been discovered and corrected in samba :

Samba versions 3.0.x, 3.2.x and 3.3.x are affected by a memory
corruption vulnerability. Code dealing with the chaining of SMB1
packets did not correctly validate an input field provided by the
client, making it possible for a specially crafted packet to crash the
server or potentially cause the server to execute arbitrary code

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:

The updated packages have been patched to correct this issue.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.9
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 47042 (mandriva_MDVSA-2010-119.nasl)

Bugtraq ID: 40884

CVE ID: CVE-2010-2063

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now