| VID |
23218 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
Samba |
| Detailed Description |
A version of Samba server which is older than 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2 is detected as running on the host. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions prior to 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2 are multiple vulnerabilities as follows:
- If a user in '/etc/passwd' is misconfigured to have an empty home directory, then connecting to the home share of this user will use the root of the file system as the
home directory. (CVE-2009-2813)
- Specially crafted SMB requests on authenticated SMB connections can send smbd into a 100% loop, causing a denial of service. (CVE-2009-2906)
- When 'mount.cifs' is installed as a setuid program, a user can pass it a credential or password path to which he or she does not have access and then use the
'--verbose' option to view the first line of that file. (CVE-2009-2948)
* Note: If this check solely relied on the version number of the remote Samba server to assess this vulnerability, then this might be a false positive.
* References:
http://www.samba.org/samba/security/CVE-2009-2906.html
http://www.samba.org/samba/security/CVE-2009-2948.html
http://www.samba.org/samba/security/CVE-2009-2813.html
* Platforms Affected:
Samba Project, Samba versions prior to 3.0.37 / 3.2.15 / 3.3.8 / 3.4.2
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Samba (3.0.37 / 3.2.15 / 3.3.8 / 3.4.2 or later), available from the Samba Web site at http://us1.samba.org/samba/ |
| Related URL |
CVE-2009-2813,CVE-2009-2906,CVE-2009-2948 (CVE) |
| Related URL |
36572,36573 (SecurityFocus) |
| Related URL |
(ISS) |
|
