CentOS Update For Samba CESA-2010:0488 Centos3 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-2063) Red Hat would like to thank the Samba team for responsibly reporting this issue. Upstream acknowledges Jun Mao as the original reporter. Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.

Affected

samba on CentOS 3

References

http://lists.centos.org/pipermail/centos-announce/2010-August/016910.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2063

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:1204 (apr)
CentOS Security Advisory CESA-2009:0420 (ghostscript)
CentOS Security Advisory CESA-2009:0270 (gstreamer-plugins)
CentOS Security Advisory CESA-2009:0269 (gstreamer-plugins)
CentOS Security Advisory CESA-2009:1218 (pidgin)

CentOS Update for samba CESA-2010:0488 centos3 i386

Take action and discover your vulnerabilities