| VID |
23036 |
| Severity |
40 |
| Port |
139 |
| Protocol |
TCP |
| Class |
Samba |
| Detailed Description |
The Samba-TNG server, according to its version number, may be vulnerable to multiple flaws.
The Samba-TNG team announces a new version of Samba-TNG with two serious security fixes.
The first hole was discovered in the Samba package by Sebastian Kramer from SuSE. The second hole is a bug in the security context management code, discovered by Elrond from Samba-TNG. These vulnerabilities could allow a remote attacker to gain root privileges on the target system.
* Note: This check solely relied on the version number of the remote Samba server to assess this vulnerability, so this might be a false positive.
* References:
http://www.securityfocus.com/archive/1/316064
* Platforms Affected:
Samba-TNG prior to 0.3.1 |
| Recommendation |
Upgrade to the latest version of Samba-TNG (0.3.1 or later), available from the Samba-TNG download page:
http://www.samba-tng.org/download.html |
| Related URL |
CVE-2003-0085 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
