Oval Definition:oval:org.mitre.oval:def:13986
Revision Date:2014-06-30Version:20
Title:USN-702-1 -- samba vulnerability
Description:Gunter Höckel discovered that Samba with registry shares enabled did not properly validate share names. An authenticated user could gain access to the root filesystem by using an older version of smbclient and specifying an empty string as a share name. This is only an issue if registry shares are enabled on the server by setting "registry shares = yes", "include = registry", or "config backend = registry", which is not the default.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0022
USN-702-1
USN-702-1
Platform(s):Ubuntu 8.10
Product(s):samba
Definition Synopsis
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • samba-doc DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR samba-doc-pdf DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • smbfs DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR samba DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR swat DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR samba-tools DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR libsmbclient DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR smbclient DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR winbind DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR libwbclient0 DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR libpam-smbpass DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR libsmbclient-dev DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR samba-common DPKG is earlier than 2:3.2.3-1ubuntu3.4
  • OR samba-dbg DPKG is earlier than 2:3.2.3-1ubuntu3.4
    • BACK