VID |
23181 |
Severity |
40 |
Port |
139 |
Protocol |
TCP |
Class |
Samba |
Detailed Description |
A version of the Samba server older than 3.0.24 was detected running on the host. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions 3.0.x prior to 3.0.24 are affected by the following vulnerabilities, two of which may lead to remote code execution:
- CIFS Session Request Denial of Service Vulnerability (CVE-2007-0452): Denial of Service
- Format String Vulnerability in VFS Plugin (CVE-2007-0454): Remote Code Execution
- Buffer Overflow Vulnerability in Winbindd Daemon (CVE-2007-0453): Remote Code Execution
* Note: If this check solely relied on the version number of the remote Samba server to assess this vulnerability, then this might be a false positive.
* References:
  http://archives.neohapsis.com/archives/bugtraq/2007-02/0038.html
  http://archives.neohapsis.com/archives/bugtraq/2007-02/0039.html
  http://archives.neohapsis.com/archives/bugtraq/2007-02/0045.html
  http://securitytracker.com/alerts/2007/Feb/1017587.html
  http://securitytracker.com/alerts/2007/Feb/1017588.html
  http://securitytracker.com/alerts/2007/Feb/1017589.html
  http://secunia.com/advisories/24046/
  http://www.kb.cert.org/vuls/id/649732
* Platforms Affected: Samba Project, Samba versions 3.0.x prior to 3.0.24; Linux, any version; Unix, any version |
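Because this check decides "older than 3.0.24" from the version string alone (see the false-positive note above), the comparison itself deserves care: Samba 3.0.x releases carry letter suffixes such as 3.0.23d, and vendor builds append package revisions that may hide backported fixes. The following is an added example, not the scanner's own code; it assumes the banner text is the "Native LAN Manager" string a Samba server returns during SMB session setup on TCP/139 (e.g. "Samba 3.0.23d"), and the sample banners at the bottom are constructed for illustration.

```python
import re
from typing import Optional, Tuple

# Assumption: the version is taken from the Native LAN Manager string returned in the
# SMB Session Setup response on TCP/139, e.g. "Samba 3.0.23d". Illustrative code only.

FIXED_VERSION = (3, 0, 24)  # first 3.0.x release with the three CVE fixes (per this entry)

# major.minor.patch, optional letter suffix (3.0.23d), optional vendor suffix (3.0.10-1.fc3)
VERSION_RE = re.compile(r"Samba\s+(\d+)\.(\d+)\.(\d+)([a-z])?(?:-(\S+))?")


def parse_samba_banner(banner: str) -> Optional[Tuple[Tuple[int, int, int], str, str]]:
    """Return ((major, minor, patch), letter_suffix, vendor_suffix), or None if not Samba."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    nums = tuple(int(x) for x in m.group(1, 2, 3))
    letter = m.group(4) or ""
    vendor = m.group(5) or ""
    return nums, letter, vendor  # type: ignore[return-value]


def assess(banner: str) -> str:
    """Classify a banner against 'Samba 3.0.x prior to 3.0.24'.

    Returns one of: "unknown", "not_affected", "affected", "possibly_affected".
    """
    parsed = parse_samba_banner(banner)
    if parsed is None:
        return "unknown"          # not a Samba banner, or the server hides its version
    nums, _letter, vendor = parsed
    if nums[:2] != (3, 0):
        return "not_affected"     # only the 3.0.x branch is in scope for this check
    if nums >= FIXED_VERSION:
        return "not_affected"     # 3.0.24 and later; a letter suffix there is newer still
    # Numerically older than 3.0.24. Letter suffixes (3.0.23d) are sub-releases of the
    # same number and stay below 3.0.24, so the tuple comparison is sufficient.
    if vendor:
        # A package revision such as "-1.fc3" means a vendor build that may carry
        # backported fixes: report it, but flag it for manual confirmation.
        return "possibly_affected"
    return "affected"


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    for b in ["Samba 3.0.23d", "Samba 3.0.24", "Samba 3.0.24a",
              "Samba 3.0.10-1.fc3", "Samba 3.2.0", "Windows 5.1"]:
        print(f"{b:22} -> {assess(b)}")
```

Treat "possibly_affected" as a prompt to verify the installed package's changelog or to run a non-version-based check; "unknown" means the host answered but did not expose a Samba version and should not be silently dropped.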
Recommendation |
Upgrade to the latest version of Samba (3.0.24 or later), available from the Samba Web site at http://us1.samba.org/samba/ |
Related URL |
CVE-2007-0452,CVE-2007-0453,CVE-2007-0454 (CVE) |
Related URL |
22395,22403,22410 (SecurityFocus) |
Related URL |
32231,32301,32304 (ISS) |
|