This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Samba server may be affected one or more vulnerabilities.
According to its banner, the version of the Samba server on the remote
host contains a boundary error in the 'reply_netbios_packet()'
function in 'nmbd/nmbd_packets.c' when sending NetBIOS replies.
Provided the server is configured to run as a WINS server, a remote
attacker can exploit this issue by sending multiple specially crafted
WINS 'Name Registration' requests followed by a WINS 'Name Query'
request, leading to a stack-based buffer overflow. This could also
allow for the execution of arbitrary code.
There is also a stack buffer overflow in nmbd's logon request
processing code that can be triggered by means of specially crafted
GETDC mailslot requests when the affected server is configured as a
Primary or Backup Domain Controller. Note that the Samba security team
currently does not believe this particular issue can be exploited to
execute arbitrary code remotely.
See also :
Upgrade to Samba version 3.0.27 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false
Nessus Plugin ID: 28228 ()
Bugtraq ID: 2645426455
CVE ID: CVE-2007-4572CVE-2007-5398
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.