Fedora Core 4 : samba-3.0.23-1.fc4 (2006-808)

high Nessus Plugin ID 24149

Synopsis

The remote Fedora Core host is missing a security update.

Description

- Wed Jul 12 2006 Jay Fenlason <fenlason at redhat.com> 3.0.23-1.fc4

- Update to 3.0.23 to close bz#197836 CVE-2006-3403 Samba denial of service

- include related spec file, filter-requires-samba.sh and patch changes from rawhide. -winbind, and -access patches are obsolete.

- include the fixed smb.init file from rawhide, closing bz#182560 Wrong retval for initscript when smbd is dead

- Mon Oct 10 2005 Jay Fenlason <fenlason at redhat.com>

- Upgrade to 3.0.20a, which includes all the previous upstream patches.

- Include the -winbind patch from Jeremy Allison <jra at samba.org> to fix a problem with winbind crashing.

- Include the -access patch from Jeremy Allison <jra at samba.org> to fix a problem with MS Access lock files.

- Updated the -warnings patch for 3.0.20a.

- Include --with-shared-modules=idmap_ad,idmap_rid to close bz#156810 ?
--with-shared-modules=idmap_ad,idmap_rid

- Include the new samba.pamd from Tomas Mraz (tmraz at redhat.com) to close bz#170259 ? pam_stack is deprecated

- Mon Aug 22 2005 Jay Fenlason <fenlason at redhat.com>

- New upstream release Includes five upstream patches
-bug3010_v1, -groupname_enumeration_v3,
-regcreatekey_winxp_v1, -usrmgr_groups_v1, and
-winbindd_v1 This obsoletes the -pie and -delim patches the -warning and -gcc4 patches are obsolete too The -man, -passwd, and -smbspool patches were updated to match 3.0.20pre1 Also, the -quoting patch was implemented differently upstream There is now a umount.cifs executable and manpage We run autogen.sh as part of the build phase The testprns command is now gone libsmbclient now has a man page

- Include -bug106483 patch to close bz#106483 smbclient:
-N negates the provided password, despite documentation

- Added the -warnings patch to quiet some compiler warnings.

- Removed many obsolete patches from CVS.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?6b23e045

Plugin Details

Severity: High

ID: 24149

File Name: fedora_2006-808.nasl

Version: 1.15

Type: local

Agent: unix

Published: 1/17/2007

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:samba-common, p-cpe:/a:fedoraproject:fedora:samba-debuginfo, p-cpe:/a:fedoraproject:fedora:samba-swat, cpe:/o:fedoraproject:fedora_core:4, p-cpe:/a:fedoraproject:fedora:samba, p-cpe:/a:fedoraproject:fedora:samba-client

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 7/14/2006

Reference Information

FEDORA: 2006-808