SuSE 10 Security Update : Samba (ZYPP Patch Number 1961)

medium Nessus Plugin ID 29574

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

- Fix pam config file parsing in pam_winbind; bso [#3916].

- Prevent potential crash in winbindd's credential cache handling; [#184450].

- Fix memory exhaustion DoS; CVE-2006-3403; [#190468].

- Fix the munlock call, samba.org svn rev r16755 from Volker.

- Change the kerberos principal for LDAP authentication to netbios-name$@realm from host/name@realm; [#184450].

- Ensure to link all required libraries to libnss_wins;
[#184306].

- Change log level of debug message to avaoid flodded nmbd log; [#157623].

- Add 'usershare allow guests = Yes' to the default config; [#144787].

- Fix syntax error in configure script.

Solution

Apply ZYPP patch number 1961.

See Also

http://support.novell.com/security/cve/CVE-2006-3403.html

Plugin Details

Severity: Medium

ID: 29574

File Name: suse_samba-1961.nasl

Version: 1.13

Type: local

Agent: unix

Published: 12/13/2007

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/9/2006

Reference Information

CVE: CVE-2006-3403