Impact
Potential remote code execution
Solution
Please install the updated packages.
Insight
The Samba server was updated to fix security issues and bugs.
The following security issues were fixed:
CVE-2010-2063: A buffer overrun was possible in chain_reply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code.
CVE-2010-0787: Take extra care that a mount point of mount.cifs isn't changed during mount.
Also the following bugs were fixed:
- Honor "interfaces" list in net ad dns register. (bnc#606947)
- An uninitialized variable read could cause an smbd crash (bso#7254) (bnc#605935).
Affected
samba on openSUSE 11.0, openSUSE 11.1, SUSE SLES 9
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2010-0787, CVE-2010-2063
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P