| VID |
23196 |
| Severity |
40 |
| Port |
139 |
| Protocol |
TCP |
| Class |
Samba |
| Detailed Description |
A version of Samba server which is older than 3.0.25 is detected as running on the host. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions 3.0.x prior to 3.0.25 are vulnerable to multiple buffer overflow and remote command injection vulnerabilities as follows:
- Local SID/Name translation bug (CVE-2007-2444) :Privilege Escalation
- Multiple heap overflows (CVE-2007-2446) :Remote Code Execution
- Unescaped user input parameters (CVE-2007-2447) :Remote Command Execution
* Note: If this check solely relied on the version number of the remote Samba server to assess this vulnerability, then this might be a false positive.
* References:
http://www.samba.org/samba/security/CVE-2007-2444.html
http://www.samba.org/samba/security/CVE-2007-2446.html
http://www.samba.org/samba/security/CVE-2007-2447.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534
http://www.zerodayinitiative.com/advisories/ZDI-07-029.html
http://www.zerodayinitiative.com/advisories/ZDI-07-030.html
http://www.zerodayinitiative.com/advisories/ZDI-07-031.html
http://www.zerodayinitiative.com/advisories/ZDI-07-032.html
http://www.zerodayinitiative.com/advisories/ZDI-07-033.html
http://www.kb.cert.org/vuls/id/268336
http://www.kb.cert.org/vuls/id/773720
http://secunia.com/advisories/25232/
* Platforms Affected:
Samba Project, Samba versions 3.0.x prior to 3.0.25
Samba Project, Samba versions 3.0.25pre(0~2)
Samba Project, Samba versions 3.0.25rc(0~3)
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Samba (3.0.25 or later), available from the Samba Web site at http://us1.samba.org/samba/ |
| Related URL |
CVE-2007-2444,CVE-2007-2446,CVE-2007-2447 (CVE) |
| Related URL |
23972,23973,23974,24195,24196,24197,24198 (SecurityFocus) |
| Related URL |
34307,34309,34311,34312,34314,34315,34316 (ISS) |
|
