Oplossingen voor kwetsbaarheid

De Nimsoft Cloud Monitor Periodieke Kwetsbaarheidscan controleert op onderstaande kwetsbaarheden. De meest recent toegevoegde oplossingen voor kwetsbaarheid die door Nimsoft Cloud Monitor worden gescand vindt u in het overzicht Oplossingen voor kwetsbaarheid

Categorie: Misc. Risicofactor: High Toegevoegd: 13 mrt 2010
Synopsis:

The remote file server is vulnerable to a security bypass attack.

Description:

The remote Samba server is potentially affected by a security bypass vulnerability because of a flaw that causes all smbd processes, when libcap support is enabled, to inherit 'CAP_DAC_OVERRIDE' capabilities, which in turn causes all file system access to be allowed even when permissions should have been denied.

A remote, authenticated attacker may be able to exploit this flaw to gain access to sensitive information on Samba shares that are accessible to their user id.

See also:

http://us1.samba.org/samba/security/CVE-2010-0728.html
https://bugzilla.samba.org/show_bug.cgi?id=7222
http://www.samba.org/samba/security/

Solution:

Upgrade to Samba 3.3.12, 3.4.7, 3.5.1, or later.

Risk factor:

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)