Unsolved
This post is more than 5 years old
2 Posts
0
972
June 3rd, 2015 09:00
Samba Vulnerability with Data Domain (CVE-2013-4408, CVE-2012-6150)
Greetings -
Qualys has identified that our DD860 running DDOS 5.5.0.9 is vulnerable to CVE-2013-4408 and CVE-2012-6150 QID 70070 Samba 3.0.35 are an issue. Can someone confirm if this is indeed true or just a false positive?
Thanks in advance,
Demetrius Malbrough
No Events found!
kparrotte
40 Posts
0
June 4th, 2015 05:00
I found the following on the Web...
https://samba.org/samba/security/CVE-2012-6150
https://samba.org/samba/security/CVE-2013-4408
Samba - Security Announcement Archive
I did not see 3.0.35 there, but you should take a look yourself.
Hope this helps
demetrius_malbr
2 Posts
0
June 4th, 2015 06:00
KParrotte,
Thanks for your reply and providing the direct links to those vulnerabilities.
Qualys scanning software to identify these vulnerabilities in our environment and 3.0.35 was listed, but now I see these CVE’s need much higher versions.
I need to know if this is a true Security Vulnerability for Data Domain DDOS version 5.5.0.9? Or is this addressed in a higher DDOS version?
Regards,
Demetrius Malbrough
Data Backup Solutions Architect
Dell | Data Protection Services, U.S.A
Office +1 972.577.2726
Mobile +1 678.386.5044
demetrius_malbrough@dell.com