Oval Definition:oval:org.mitre.oval:def:13168
Revision Date:2015-02-23Version:22
Title:DSA-2004-1 samba -- several
Description:Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3297 Ronald Volgers discovered that a race condition in mount.cifs allows local users to mount remote filesystems over arbitrary mount points. CVE-2010-0547 Jeff Layton discovered that missing input sanitising in mount.cifs allows denial of service by corrupting /etc/mtab. For the stable distribution, these problems have been fixed in version 2:3.2.5-4lenny9. For the unstable distribution, these problems have been fixed in version 2:3.4.5~dfsg-2. We recommend that you upgrade your samba packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3297
CVE-2010-0547
DSA-2004-1
Platform(s):Debian GNU/Linux 5.0
Product(s):samba
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • samba-doc DPKG is earlier than 2:3.2.5-4lenny9
  • OR samba-doc-pdf DPKG is earlier than 2:3.2.5-4lenny9
  • OR smbfs DPKG is earlier than 2:3.2.5-4lenny9
  • OR samba DPKG is earlier than 2:3.2.5-4lenny9
  • OR samba-tools DPKG is earlier than 2:3.2.5-4lenny9
  • OR libsmbclient DPKG is earlier than 2:3.2.5-4lenny9
  • OR smbclient DPKG is earlier than 2:3.2.5-4lenny9
  • OR libwbclient0 DPKG is earlier than 2:3.2.5-4lenny9
  • OR swat DPKG is earlier than 2:3.2.5-4lenny9
  • OR winbind DPKG is earlier than 2:3.2.5-4lenny9
  • OR samba-dbg DPKG is earlier than 2:3.2.5-4lenny9
  • OR libsmbclient-dev DPKG is earlier than 2:3.2.5-4lenny9
  • OR samba-common DPKG is earlier than 2:3.2.5-4lenny9
  • OR libpam-smbpass DPKG is earlier than 2:3.2.5-4lenny9
    • BACK