Detections
Analytics
Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20140805)
high Nessus Plugin ID 77017
Language:
Synopsis
The remote Scientific Linux host is missing one or more security updates.Description
A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges.(CVE-2014-3560)
After installing this update, the smb service will be restarted automatically.
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 77017
File Name: sl_20140805_samba4_on_SL6_x.nasl
Version: 1.9
Type: local
Agent: unix
Published: 8/6/2014
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.9
Vector: CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:fermilab:scientific_linux:samba4, p-cpe:/a:fermilab:scientific_linux:samba4-client, p-cpe:/a:fermilab:scientific_linux:samba4-common, p-cpe:/a:fermilab:scientific_linux:samba4-dc, p-cpe:/a:fermilab:scientific_linux:samba4-dc-libs, p-cpe:/a:fermilab:scientific_linux:samba4-debuginfo, p-cpe:/a:fermilab:scientific_linux:samba4-devel, p-cpe:/a:fermilab:scientific_linux:samba4-libs, p-cpe:/a:fermilab:scientific_linux:samba4-pidl, p-cpe:/a:fermilab:scientific_linux:samba4-python, p-cpe:/a:fermilab:scientific_linux:samba4-swat, p-cpe:/a:fermilab:scientific_linux:samba4-test, p-cpe:/a:fermilab:scientific_linux:samba4-winbind, p-cpe:/a:fermilab:scientific_linux:samba4-winbind-clients, p-cpe:/a:fermilab:scientific_linux:samba4-winbind-krb5-locator, x-cpe:/o:fermilab:scientific_linux
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Patch Publication Date: 8/5/2014
Vulnerability Publication Date: 8/6/2014
Reference Information
CVE: CVE-2014-3560