| VID |
23220 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
Samba |
| Detailed Description |
According to its banner, the version of the Samba server on the remote host is between 3.2.0 and 3.2.6 inclusive. Such versions reportedly allow an authenticated remote user to gain access to the root filesystem, subject to his or her privileges, by making a request for
a share called ' (empty string) from a version of smbclient prior to 3.0.28. Successful exploitation of this issue requires 'registry shares' to be enabled, which is not enabled by default.
* Note: If this check solely relied on the version number of the remote Samba server to assess this vulnerability, then this might be a false positive.
* References:
http://www.samba.org/samba/security/CVE-2009-0022.html
http://www.samba.org/samba/history/samba-3.2.7.html
* Platforms Affected:
Samba Project, Samba versions prior to 3.2.6
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Samba (3.0.35 / 3.2.13 / 3.3.6 or later), available from the Samba Web site at http://us1.samba.org/samba/ |
| Related URL |
CVE-2009-0022 (CVE) |
| Related URL |
33118 (SecurityFocus) |
| Related URL |
(ISS) |
|
