Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 E-Soft Inc.OPENVAS:136141256231063122
HistoryJan 07, 2009 - 12:00 a.m.

Fedora Core 10 FEDORA-2009-0160 (samba)

2009-01-0700:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
9

6.6 Medium

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:C/I:N/A:P

0.806 High

EPSS

Percentile

98.3%

JSON

The remote host is missing an update to samba
announced via advisory FEDORA-2009-0160.

# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.63122");
  script_version("2023-07-18T05:05:36+0000");
  script_tag(name:"last_modification", value:"2023-07-18 05:05:36 +0000 (Tue, 18 Jul 2023)");
  script_tag(name:"creation_date", value:"2009-01-07 23:16:01 +0100 (Wed, 07 Jan 2009)");
  script_cve_id("CVE-2009-0022", "CVE-2008-4314");
  script_tag(name:"cvss_base", value:"8.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:N/A:P");
  script_name("Fedora Core 10 FEDORA-2009-0160 (samba)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 E-Soft Inc.");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC10");
  script_tag(name:"insight", value:"Update Information:

Security fix for CVE-2009-0022

ChangeLog:

  * Mon Jan  5 2009 Guenther Deschner  - 3.2.7-0.25

  - Update to 3.2.7 (Security fix for CVE-2009-0022)

  * Wed Dec 10 2008 Guenther Deschner  - 3.2.6-0.24

  - Update to 3.2.6

  * Thu Nov 27 2008 Guenther Deschner  - 3.2.5-0.23

  - Update to 3.2.5 (Security fix for CVE-2008-4314)");
  script_tag(name:"solution", value:"Apply the appropriate updates.

This update can be installed with the yum update program.  Use
su -c 'yum update samba' at the command line.");

  script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0160");
  script_tag(name:"summary", value:"The remote host is missing an update to samba
announced via advisory FEDORA-2009-0160.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

res = "";
report = "";

if ((res = isrpmvuln(pkg:"libsmbclient", rpm:"libsmbclient~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libsmbclient-devel", rpm:"libsmbclient-devel~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libtalloc", rpm:"libtalloc~1.2.0~25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libtalloc-devel", rpm:"libtalloc-devel~1.2.0~25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libtdb", rpm:"libtdb~1.1.1~25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libtdb-devel", rpm:"libtdb-devel~1.1.1~25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba", rpm:"samba~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-client", rpm:"samba-client~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-common", rpm:"samba-common~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-domainjoin-gui", rpm:"samba-domainjoin-gui~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-swat", rpm:"samba-swat~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-winbind-devel", rpm:"samba-winbind-devel~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"tdb-tools", rpm:"tdb-tools~1.1.1~25.fc10", rls:"FC10")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"samba-debuginfo", rpm:"samba-debuginfo~3.2.7~0.25.fc10", rls:"FC10")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99);
}

Related

nessus 19
fedora 6
openvas 62
slackware 2
debiancve 2
ubuntu 2
prion 2
securityvulns 4
freebsd 1
cve 2
ubuntucve 2
seebug 2
samba 2
gentoo 1
checkpoint_advisories 2
nessus
nessus
openSUSE Security Update : cifs-mount (cifs-mount-410)
2009-07-21 00:00:00
openSUSE Security Update : cifs-mount (cifs-mount-406)
2009-07-21 00:00:00
GLSA-200903-07 : Samba: Data disclosure
2009-03-08 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: samba-3.2.7-0.25.fc10
2009-01-07 09:25:20
[SECURITY] Fedora 9 Update: samba-3.2.7-0.23.fc9
2009-01-07 21:50:31
[SECURITY] Fedora 10 Update: samba-3.2.15-0.36.fc10
2009-10-03 18:57:48
openvas
openvas
Fedora Core 10 FEDORA-2009-0160 (samba)
2009-01-07 00:00:00
Fedora Core 9 FEDORA-2009-0268 (samba)
2009-01-13 00:00:00
Fedora Core 9 FEDORA-2009-0268 (samba)
2009-01-13 00:00:00
slackware
slackware
[slackware-security] samba
2008-11-29 02:14:34
samba
2009-01-05 13:53:53
debiancve
debiancve
CVE-2008-4314
2008-12-01 15:30:00
CVE-2009-0022
2009-01-05 20:30:00
ubuntu
ubuntu
Samba vulnerability
2008-11-27 00:00:00
Samba vulnerability
2009-01-05 00:00:00
prion
prion
Design/Logic Flaw
2008-12-01 15:30:00
Cross site request forgery (csrf)
2009-01-05 20:30:00
securityvulns
securityvulns
[USN-680-1] Samba vulnerability
2008-11-27 00:00:00
SAMBA information disclosure
2008-11-27 00:00:00
[USN-702-1] Samba vulnerability
2009-01-06 00:00:00
freebsd
freebsd
samba -- potential leakage of arbitrary memory contents
2008-11-27 00:00:00
cve
cve
CVE-2008-4314
2008-12-01 15:30:00
CVE-2009-0022
2009-01-05 20:30:00
ubuntucve
ubuntucve
CVE-2008-4314
2008-12-01 00:00:00
CVE-2009-0022
2009-01-05 00:00:00
seebug
seebug
Samba smbd่ฟœ็จ‹ไฟกๆฏๆณ„้œฒๆผๆดž
2008-11-30 00:00:00
Sambaๆณจๅ†Œ่กจๅ…ฑไบซๅ้žๆŽˆๆƒ่ฎฟ้—ฎๆผๆดž
2009-01-06 00:00:00
samba
samba
Potential leak of arbitrary memory contents
2008-11-27 00:00:00
Potential access to "/" in setups with
2009-01-05 00:00:00
gentoo
gentoo
Samba: Data disclosure
2009-03-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Samba Root File System Access Security Bypass Vulnerability
2009-01-09 00:00:00
Samba Root File System Access Security Bypass (CVE-2009-0022)
2014-05-07 00:00:00

6.6 Medium

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:C/I:N/A:P

0.806 High

EPSS

Percentile

98.3%

JSON
Related for OPENVAS:136141256231063122
nessus19fedora6openvas62slackware2debiancve2ubuntu2prion2securityvulns4freebsd1cve2ubuntucve2seebug2samba2gentoo1checkpoint_advisories2