Description: | Description:
The remote host is missing an update to samba announced via advisory FEDORA-2008-10638.
Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB/CIFS server that can be used to provide network services to SMB/CIFS clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.
Update Information:
http://www.samba.org/samba/security/CVE-2008-4314.html ChangeLog:
* Thu Nov 27 2008 Guenther Deschner - 3.0.33-0.fc8 - Update to 3.0.33 (Security fix for CVE-2008-4314) * Tue Aug 26 2008 Guenther Deschner 3.0.32-0.fc8 - New upstream bugfix release * Fri Jul 11 2008 Simo Sorce 3.0.31-0.fc8 - New upstream bugfix release * Wed May 28 2008 Simo Sorce 3.0.30-0.fc8 - New upstream security release to fix CVE-2008-1105 * Wed May 21 2008 Simo Sorce 3.0.29-1.fc8 - Fix packaging issue * Wed May 21 2008 Simo Sorce 3.0.29-0.fc8 - New upstream bugfix release * Sun Mar 9 2008 Simo Sorce 3.0.28a-0.fc8 - New upstream bugfix release * Mon Dec 10 2007 Simo Sorce 3.0.28-0.fc8 - Fix CVE-2007-6015 * Wed Nov 21 2007 Simo Sorce 3.0.27a-0.fc8 - Upstream official fix for regression in CVE-2007-4572 - More fixes including 2 former patches we had in the package * Mon Nov 19 2007 Simo Sorce 3.0.27-1.fc8 - Fix regression in CVE-2007-4572 * Thu Nov 15 2007 Simo Sorce 3.0.27-0.fc8 - Fix CVE-2007-4572 - Fix CVE-2007-5398 References:
[ 1 ] Bug #472298 - CVE-2008-4314 samba: arbitrary memory disclosure https://bugzilla.redhat.com/show_bug.cgi?id=472298
Solution: Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update samba' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-10638
Risk factor : Critical
CVSS Score: 9.3
|