RedHat Update For Samba3x RHSA-2010:0698-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers (SIDs). A malicious client could send a specially-crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-3069) Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.

Affected

samba3x on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2010-September/msg00011.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3069
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0398
RedHat Security Advisory RHSA-2009:1130
RedHat Security Advisory RHSA-2009:0408
RedHat Security Advisory RHSA-2009:0377
RedHat Security Advisory RHSA-2009:1095

RedHat Update for samba3x RHSA-2010:0698-01

Take action and discover your vulnerabilities