This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Samba server may be affected one or more vulnerabilities.
According to its banner, the version of the Samba server on the remote
host contains a boundary error in the 'reply_netbios_packet()'
function in 'nmbd/nmbd_packets.c' when sending NetBIOS replies.
Provided the server is configured to run as a WINS server, a remote
attacker can exploit this issue by sending multiple specially crafted
WINS 'Name Registration' requests followed by a WINS 'Name Query'
request, leading to a stack-based buffer overflow. This could also
allow for the execution of arbitrary code.
There is also a stack buffer overflow in nmbd's logon request
processing code that can be triggered by means of specially crafted
GETDC mailslot requests when the affected server is configured as a
Primary or Backup Domain Controller. Note that the Samba security team
currently does not believe this particular issue can be exploited to
execute arbitrary code remotely.
See also :
Upgrade to Samba version 3.0.27 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false