Samba < 3.0.25 Multiple Vulnerabilities

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote Samba server is affected by multiple vulnerabilities.

Description :

According to its banner, the version of the Samba server installed on
the remote host is affected by multiple buffer overflow and remote
command injection vulnerabilities, which can be exploited remotely, as
well as a local privilege escalation bug.

See also :

http://www.samba.org/samba/security/CVE-2007-2444.html
http://www.samba.org/samba/security/CVE-2007-2446.html
http://www.samba.org/samba/security/CVE-2007-2447.html

Solution :

Upgrade to Samba version 3.0.25 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 25217 ()

Bugtraq ID: 23972
23973
23974
24195
24196
24197
24198

CVE ID: CVE-2007-2444
CVE-2007-2446
CVE-2007-2447