VUPEN Security - Fedora Security Update Fixes Samba "nmbd" Multiple Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Fedora Security Update Fixes Samba "nmbd" Multiple Vulnerabilities

Title : Fedora Security Update Fixes Samba "nmbd" Multiple Vulnerabilities
VUPEN ID : VUPEN/ADV-2007-3877
CVE ID : CVE-2007-4572 - CVE-2007-5398
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-11-16

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Receive VUPEN Security notifications by SMS

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in Samba. For additional information, see : VUPEN/ADV-2007-3869

Affected Products

Fedora 7

Solution

Upgrade the affected packages :

927f5fc35c8a5ba108964eb22ca5359e10025aae samba-common-3.0.27-0.fc7.ppc64.rpm
690636aabac880e8e29a8ccf7acf8449e2773af5 samba-debuginfo-3.0.27-0.fc7.ppc64.rpm
2b016de7c8d2fa5dc6733a2f1e9916fa573e75c0 samba-swat-3.0.27-0.fc7.ppc64.rpm
edfd1da967443939b4ff7274a0bb097a8df0e4ca samba-doc-3.0.27-0.fc7.ppc64.rpm
7ac02f4001304ccc21b202522d96d8db30558368 samba-client-3.0.27-0.fc7.ppc64.rpm
1f890b20627b51c67de56f73d5f21030a8e46fc4 libsmbclient-devel-3.0.27-0.fc7.ppc64.rpm
5704f7129c2e805620999a8006e0a17c32169ebf libsmbclient-3.0.27-0.fc7.ppc64.rpm
37de38d5856d943e8a2ad17be071ee0250d4d2d8 samba-3.0.27-0.fc7.ppc64.rpm
bd989240b3941eeba7444bbf235d250d9f8fced9 libsmbclient-devel-3.0.27-0.fc7.i386.rpm
98c46068f4f1bb0116e268f9353a03d33c200eef samba-debuginfo-3.0.27-0.fc7.i386.rpm
3d86ee0ba5c47396441b3ec276b0ce48ebcc25fb samba-doc-3.0.27-0.fc7.i386.rpm
c611a3d26da39d94cf3cc258f377f6eddc903423 libsmbclient-3.0.27-0.fc7.i386.rpm
fb1aa89c4281c5ac83bfe055ded414a2a896e0c7 samba-common-3.0.27-0.fc7.i386.rpm
307c5f5f453a96e4a17ebe399decd355ce36f6f8 samba-client-3.0.27-0.fc7.i386.rpm
5f14013d800de0e1f41c35729784e95d28f71c66 samba-3.0.27-0.fc7.i386.rpm
dfafc4a4236476ee58a0800c722fd99b4f0c14c0 samba-swat-3.0.27-0.fc7.i386.rpm
c1f4684db2037ac807c1a7cce925e579841bc5e5 samba-debuginfo-3.0.27-0.fc7.x86_64.rpm
b3343d3ef4b55a74fac8217ab6099a368b8d8b99 samba-client-3.0.27-0.fc7.x86_64.rpm
b1a457d08a88915b470fbd56de85a96022eef0c9 samba-3.0.27-0.fc7.x86_64.rpm
5ae10907f7c25ccd825003eefd723ce9cd6cf653 samba-swat-3.0.27-0.fc7.x86_64.rpm
d61adf6c0dde024e8102890e161825b5d2959af1 samba-common-3.0.27-0.fc7.x86_64.rpm
038e8c0629bfa476fd6fda888f9fbc1c23197507 libsmbclient-3.0.27-0.fc7.x86_64.rpm
817fcd0d5b50e7f65b4fde421371dddecde15d5b samba-doc-3.0.27-0.fc7.x86_64.rpm
d8007586fbc0f2a297a2c8466d2562a7aaf74ceb libsmbclient-devel-3.0.27-0.fc7.x86_64.rpm
4a47c655549ecfb43e50cee8e94f3afac69e92b2 samba-3.0.27-0.fc7.ppc.rpm
548feb57128a9d0e9e39e1741bd150f0681b31e7 samba-common-3.0.27-0.fc7.ppc.rpm
89b41287d26d423b0a294700a85bd366a574c8b2 samba-doc-3.0.27-0.fc7.ppc.rpm
36eedd88fb1394ee69d89475ec6374489a8d5962 samba-swat-3.0.27-0.fc7.ppc.rpm
804f359a2d44ad109fcbaab26dbe5b3179d41ae0 libsmbclient-3.0.27-0.fc7.ppc.rpm
8b2b054edc8f4619e7249331e148eb6d3c309b15 samba-debuginfo-3.0.27-0.fc7.ppc.rpm
b336e4e41634815e0f27c6556c205af2a49dceaf libsmbclient-devel-3.0.27-0.fc7.ppc.rpm
47b91baa674b82e417e1d6738b95b556ae52e792 samba-client-3.0.27-0.fc7.ppc.rpm
8b8ba1c5524a603088118a5d0a66222ae37a11a6 samba-3.0.27-0.fc7.src.rpm

References

http://www.vupen.com/english/advisories/2007/3877
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html

ChangeLog

2007-11-16 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

>> 2009-05-12

Microsoft Patched 14
Office PowerPoint Flaws

>> 2009-04-28

Adobe Reader / Acrobat
Vulnerabilities Disclosed

More Informations