This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A buffer overflow flaw was found in the way Samba creates NetBIOS
replies. If a Samba server is configured to run as a WINS server, a
remote unauthenticated user could cause the Samba server to crash or
execute arbitrary code. (CVE-2007-5398)
A heap based buffer overflow flaw was found in the way Samba
authenticates users. A remote unauthenticated user could trigger this
flaw to cause the Samba server to crash. Careful analysis of this flaw
has determined that arbitrary code execution is not possible, and
under most circumstances will not result in a crash of the Samba
A flaw was found in the way Samba assigned group IDs under certain
conditions. If the 'winbind nss info' parameter in smb.conf is set to
either 'sfu' or 'rfc2307', Samba users are incorrectly assigned the
group ID of 0. (CVE-2007-4138)
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60309 ()
CVE ID: CVE-2007-4138CVE-2007-4572CVE-2007-5398
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.