LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Heap Overflow en SAMBA (http://www.linuxquestions.org/questions/linux-security-4/heap-overflow-en-samba-4175438998/)

edeamat 11-27-2012 07:31 PM

Heap Overflow en SAMBA
 
Hi Colleagues,

I need your help as soon as possible. I used a nessus to scan the vulnerabilities about samba and nessus found this issue:

Heap Overflow en SAMBA (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0870)

How can I find the solution? I'm a bit confused because in Red Hat page talks about Samba and Samba 3x.

My actual version is: 3.0.33-3.28.el5

I get the version with this command: rpm -qi samba

Thank you very much for your help.

Regards,

Eduardo

unSpawn 11-27-2012 08:31 PM

I don't know how old your 3.28 patch version is but 3.0.33-3.38 (RHEL-5U8 current is 3.39), built way back on 2012-Apr-10, already fixed CVE-2012-0870.

edeamat 11-28-2012 06:18 PM

Thank you very much for your help.

Tell me is it possible to download rpm and upgrade version to my Red Hat without connect to the register server.......I have a small server for testing and this server is not connected to the internet for security purpose.

Regards.

unSpawn 11-28-2012 07:35 PM

Quote:

Originally Posted by edeamat (Post 4839116)
is it possible to download rpm and upgrade version to my Red Hat without connect to the register server

As you are well aware aware accessing the Red Hat Network requires an account and that accessing software updates via RHN requires a subscription.
Asking for ways to circumvent that is unlawful, unethical and against the LQ Rules.
Do not ever try that again.
Thread closed.


All times are GMT -5. The time now is 11:15 AM.