Vulnerability Scanning Solutions, LLC.
Family: Misc. --> Category: infos

Samba < 3.0.24 Multiple Flaws Vulnerability Scan

Vulnerability Scan Summary
Checks the version of Samba

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote Samba server is affected by multiple vulnerabilities which
might lead to remote code execution.

Description :

According to its version number, the remote Samba server is affected
by several flaws :

- A denial of service issue occurring when an authenticated attacker sends
a large number of CIFS session requests, which causes an infinite loop
in the smbd daemon, consuming CPU resources and denying access
to legitimate users

- A remote format string vulnerability which may be exploited by an attacker
with write access to a remote share by sending a malformed request to
the remote service (this issue only affects installations sharing an
AFS file system when the VFS module is loaded)

- A remote buffer overflow vulnerability affecting the NSS lookup capability
of the remote winbindd daemon

Solution :

Upgrade to Samba 3.0.24 or newer

Threat Level:

High / CVSS Base Score : 7.0



P.O. Box 827051

Pembroke Pines, FL 33082-7051
