| VID | 23089 |
| Severity | 30 |
| Port | 139 |
| Protocol | TCP |
| Class | Samba |
| Detailed Description |
According to its version number, the Samba server contains multiple denial of service vulnerabilities. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions prior to 3.0.7 contain multiple denial of service vulnerabilities caused by a failure to properly parse ASN.1 and MailSlot packets. An unauthenticated remote attacker could cause resource exhaustion by sending a specially crafted ASN.1 packet to an affected server during the authentication request. This vulnerability can be used repeatedly to consume all available resources on the victim's server, causing a denial of service. Another vulnerability could allow a remote attacker to crash the remote nmbd process by sending a malformed NetBIOS packet.
* Note: This check relied solely on the version number of the remote Samba server to assess this vulnerability, so this might be a false positive.
* References:
  * http://www.idefense.com/application/poi/display?id=138&type=vulnerabilities
  * http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
* Platforms Affected: Samba Project: Samba prior to 3.0.7; Linux: Any version; Unix: Any version |
| Recommendation |
Upgrade to the latest version of Samba (3.0.7 or later), available from the Samba Web site at http://us4.samba.org/samba/history/samba-3.0.7.html
For Gentoo Linux: Upgrade to the latest version of Samba (3.0.7 or later), as listed in Gentoo Linux Security Advisory GLSA 200409-16 at http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
For Slackware Linux: Upgrade to the latest Samba package, as listed in slackware-security Mailing List, Mon, 13 Sep 2004 23:31:52 -0700 (PDT) at http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.372415
For Mandrake Linux: Upgrade to the latest samba package, as listed in MandrakeSoft Security Advisory MDKSA-2004:092 at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
For OpenPKG: Upgrade to the latest Samba package, as listed in OpenPKG Security Advisory OpenPKG-SA-2004.040 at http://www.openpkg.org/security/OpenPKG-SA-2004.040-samba.html
For other distributions: Contact your vendor for upgrade or patch information. |
| Related URL | CVE-2004-0807, CVE-2004-0808 (CVE) |
| Related URL | 11156 (SecurityFocus) |
| Related URL | 17325, 17326 (ISS) |