Samba < 2.2.8 Multiple Vulnerabilities

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

Arbitrary code may be run on the remote server.

Description :

The remote Samba server, according to its version number, is vulnerable
to a remote buffer overflow when receiving specially crafted SMB
fragment packets.

An attacker needs to be able to access at least one share to exploit
this flaw.

In addition, it is reported that Samba contains a flaw
related to the handling of .reg files that may allow
a local user to overwrite arbitrary file.

Solution :

Upgrade to Samba 2.2.8.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11398 ()

Bugtraq ID: 7106
7107

CVE ID: CVE-2003-0085
CVE-2003-0086