Debian Security Advisory DSA 1327-1 (gsambad) Network Vulnerability

Summary

The remote host is missing an update to gsambad announced via advisory DSA 1327-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201327-1

Insight

Steve Kemp from the Debian Security Audit project discovered that gsambad, a GTK+ configuration tool for samba, uses temporary files in an unsafe manner which may be exploited to truncate arbitary files from the local system. For the stable distribution (etch) this problem has been fixed in version 0.1.4-2etch1. For the unstable distribution (sid) this problem will be fixed shortly. We recommend that you upgrade your gsambad package.

Severity

Classification

CVE CVE-2007-2838
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1045-1 (openvpn)
Debian Security Advisory DSA 073-1 (imp)
Debian Security Advisory DSA 017-1 (jazip)
Debian Security Advisory DSA 1031-1 (cacti)
Debian Security Advisory DSA 060-1 (fetchmail)

Take action and discover your vulnerabilities