Samba < 3.0.24 Multiple Flaws

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote Samba server is affected by several vulnerabilities that
could lead to remote code execution

Description :

According to its version number, the remote Samba server is affected
by several flaws :

- A denial of service issue occuring if an authenticated
attacker sends a large number of CIFS session requests
which will cause an infinite loop to occur in the smbd
daemon, thus utilizing CPU resources and denying access
to legitimate users


- A remote format string vulnerability that could be
exploited by an attacker with write access to a remote
share by sending a malformed request to the remote
service (this issue only affects installations sharing
an AFS file system when the afsacl.so VFS module is
loaded)

- A remote buffer overflow vulnerability affecting the NSS
lookup capability of the remote winbindd daemon

Solution :

Upgrade to Samba 3.0.24 or newer

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 24685 ()

Bugtraq ID: 22395
22403
22410

CVE ID: CVE-2007-0452
CVE-2007-0453
CVE-2007-0454