| Field | Value |
| --- | --- |
| VID | 23204 |
| Severity | 40 |
| Port | 139 |
| Protocol | TCP |
| Class | Samba |

Detailed Description
A Samba server older than version 3.0.27 was detected running on the host. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions 3.0.x prior to 3.0.27 are vulnerable to multiple buffer overflow and remote command injection vulnerabilities, as follows:

- Stack buffer overflow in nmbd's logon request processing (CVE-2007-4572)
- Remote code execution in Samba's WINS server daemon (nmbd) when processing a name registration followed by name query requests (CVE-2007-5398)

Note: If this check relied solely on the version number reported by the remote Samba server to assess this vulnerability, the result may be a false positive (for example, where a distribution has backported the fix without changing the version string).

References:
- http://us1.samba.org/samba/security/CVE-2007-4572.html
- http://us1.samba.org/samba/security/CVE-2007-5398.html
- http://www.securityfocus.com/archive/1/483744
- http://www.securityfocus.com/archive/1/483742
- http://www.securityfocus.com/archive/1/483743
- http://secunia.com/secunia_research/2007-90/advisory/
- http://www.frsirt.com/english/advisories/2007/3869

Platforms Affected: Samba Project, Samba versions 3.0.x prior to 3.0.27; Linux, any version; Unix, any version
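The false-positive caveat above is worth making concrete. The following added example (not part of the scanner's own check logic) shows a version-only triage of an SMB banner against the 3.0.27 threshold for this advisory, flagging only the 3.0.x branch and marking distribution-suffixed builds as possible backports that need confirmation rather than a firm finding. The banner strings, the regex and the backport heuristic are this example's own assumptions.

```python
"""Version-only triage for the Samba 3.0.x < 3.0.27 advisory (added example)."""
import re
from typing import NamedTuple, Optional

# First release the advisory names as fixed.
FIXED = (3, 0, 27)

# Assumed banner shape: "Samba 3.0.26a" or "Samba 3.0.24-6etch10" (constructed).
_VER = re.compile(r"Samba\s+(\d+)\.(\d+)\.(\d+)([a-z]?)(?:[-~]([\w.]+))?", re.I)


class Verdict(NamedTuple):
    version: Optional[str]   # normalised upstream version, or None if not parsed
    flagged: bool            # True when the version alone suggests exposure
    note: str                # why, and whether the result needs confirmation


def check_banner(banner: str) -> Verdict:
    """Decide, from the version string only, whether this advisory may apply."""
    m = _VER.search(banner)
    if not m:
        return Verdict(None, False, "no Samba version found in banner")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    letter, distro = m.group(4), m.group(5)
    version = f"{major}.{minor}.{patch}{letter}"
    # The advisory covers the 3.0.x branch only.
    if (major, minor) != (3, 0):
        return Verdict(version, False, "not a 3.0.x release")
    if (major, minor, patch) >= FIXED:
        return Verdict(version, False, "3.0.27 or later; not affected by version")
    # Below the fixed release. A distro suffix means the fix may be backported,
    # so the version string alone cannot confirm the finding.
    if distro:
        return Verdict(version, True,
                       f"version-only check; '{distro}' build may carry a backported fix")
    return Verdict(version, True, "below 3.0.27 by version")


if __name__ == "__main__":
    for b in ("Samba 3.0.26a", "Samba 3.0.27", "Samba 3.0.24-6etch10", "Samba 3.2.0"):
        print(b, "->", check_banner(b))
```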
Recommendation

Upgrade to the latest version of Samba (3.0.27 or later), available from the Samba Web site at http://us1.samba.org/samba/

Related URL
- CVE-2007-4572, CVE-2007-5398 (CVE)
- 26454, 26455 (SecurityFocus)
- 38501, 38502 (ISS)