home *** CD-ROM | disk | FTP | other *** search

---

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2001-040.nasl

< prev

next >

Wrap

Text File  |  2005-01-14  |  3KB  |  106 lines

---

1. #
2. # (C) Tenable Network Security
3. #
4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2001:040-1
5. #
6.  
7.  
8. if ( ! defined_func("bn_random") ) exit(0);
9. if(description)
10. {
11.  script_id(13860);
12.  script_version ("$Revision: 1.3 $");
13.  
14.  name["english"] = "MDKSA-2001:040-1: samba";
15.  
16.  script_name(english:name["english"]);
17.  
18.  desc["english"] = "
19. The remote host is missing the patch for the advisory MDKSA-2001:040-1 (samba).
20.  
21.  
22. A vulnerability found by Marcus Meissner exists in Samba where it was not
23. creating temporary files safely which could allow local users to overwrite files
24. that they may not have access to. This happens when a remote user queried a
25. printer queue and samba would create a temporary file in which the queue's data
26. was written. Because Samba created the file insecurely and used a predictable
27. filename, a local attacker could cause Samba to overwrite files that the
28. attacker did not have access to. As well, the smbclient 'more' and 'mput'
29. commands also created temporary files insecurely.
30. The vulnerability is present in Samba 2.0.7 and lower. 2.0.8 and 2.2.0 correct
31. this behaviour.
32. Update:
33. The Samba 2.0.8 release did not entirely fix the temporary file issues in
34. previous versions. The Samba team released 2.0.9 recently which does fix these
35. problems completely. As well, the 8.0 packages will now not attempt to use
36. /root/tmp as the temporary directory, but /var/tmp.
37.  
38.  
39. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2001:040-1
40. Risk factor : High";
41.  
42.  
43.  
44.  script_description(english:desc["english"]);
45.  
46.  summary["english"] = "Check for the version of the samba package";
47.  script_summary(english:summary["english"]);
48.  
49.  script_category(ACT_GATHER_INFO);
50.  
51.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
52.  family["english"] = "Mandrake Local Security Checks";
53.  script_family(english:family["english"]);
54.  
55.  script_dependencies("ssh_get_info.nasl");
56.  script_require_keys("Host/Mandrake/rpm-list");
57.  exit(0);
58. }
59.  
60. include("rpm.inc");
61. if ( rpm_check( reference:"samba-2.0.9-1.2mdk", release:"MDK7.1", yank:"mdk") )
62. {
63.  security_hole(0);
64.  exit(0);
65. }
66. if ( rpm_check( reference:"samba-client-2.0.9-1.2mdk", release:"MDK7.1", yank:"mdk") )
67. {
68.  security_hole(0);
69.  exit(0);
70. }
71. if ( rpm_check( reference:"samba-common-2.0.9-1.2mdk", release:"MDK7.1", yank:"mdk") )
72. {
73.  security_hole(0);
74.  exit(0);
75. }
76. if ( rpm_check( reference:"samba-2.0.9-1.1mdk", release:"MDK7.2", yank:"mdk") )
77. {
78.  security_hole(0);
79.  exit(0);
80. }
81. if ( rpm_check( reference:"samba-client-2.0.9-1.1mdk", release:"MDK7.2", yank:"mdk") )
82. {
83.  security_hole(0);
84.  exit(0);
85. }
86. if ( rpm_check( reference:"samba-common-2.0.9-1.1mdk", release:"MDK7.2", yank:"mdk") )
87. {
88.  security_hole(0);
89.  exit(0);
90. }
91. if ( rpm_check( reference:"samba-2.0.9-1.3mdk", release:"MDK8.0", yank:"mdk") )
92. {
93.  security_hole(0);
94.  exit(0);
95. }
96. if ( rpm_check( reference:"samba-client-2.0.9-1.3mdk", release:"MDK8.0", yank:"mdk") )
97. {
98.  security_hole(0);
99.  exit(0);
100. }
101. if ( rpm_check( reference:"samba-common-2.0.9-1.3mdk", release:"MDK8.0", yank:"mdk") )
102. {
103.  security_hole(0);
104.  exit(0);
105. }
106.