Family: Denial of Service --> Category: infos
Samba ASN.1 Denial of Service Vulnerability Scan
Vulnerability Scan Summary
checks samba version
Detailed Explanation for this Vulnerability Test
The remote Samba server, according to its version number, is vulnerable
to a denial of service.
There is a bug in the remote smbd ASN.1 parsin, which may allow a possible hacker
to cause a denial of service attack against the remote host by sending
a specially crafted ASN.1 packet during the authentication request which
may make the newly-spawned smbd process run into an infinite loop. By
establishing multiple connections and sending such packets, a possible hacker
may consume all the CPU and memory of the remote host, thus crashing it
Another bug may allow a possible hacker to crash the remote nmbd process by
sending a malformed NetBIOS packet.
Solution : Upgrade to Samba 3.0.7
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.