Samba < 2.2.8a / 3.0.0 Multiple Remote Overflows

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

Arbitrary code may be run on the remote server.

Description :

The remote Samba server is vulnerable to a buffer overflow when it
calls the function trans2open(). An attacker may exploit this flaw to
gain a root shell on this host.

In addition, it is reported that this version of Samba is vulnerable
to additional overflows, although Nessus has not checked for them.

Solution :

Upgrade to Samba 2.2.8a or 3.0.0.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11523 ()

Bugtraq ID: 7294
7295

CVE ID: CVE-2003-0196
CVE-2003-0201