This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Solaris system is missing a security patch for third-party
The remote Solaris system is missing necessary patches to address
security updates :
- Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and
4.1.x before 4.1.8, when a certain vfs shadow copy
configuration is enabled, does not properly initialize
the SRV_SNAPSHOT_ARRAY response field, which allows
remote authenticated users to obtain potentially
sensitive information from process memory via a (1)
FSCTL_GET_SHADOW_COPY_DATA or (2)
FSCTL_SRV_ENUMERATE_SNAPSHOTS request. (CVE-2014-0178)
See also :
Upgrade to Solaris 126.96.36.199.0.
Risk factor :
Low / CVSS Base Score : 3.5