This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Samba server is affected by a permissions vulnerability.
According to its banner, the version of Samba running on the remote
host is 4.x prior to 4.0.4 and is, therefore, potentially affected by a
file permissions vulnerability.
Files on Active Directory Domain Controllers(AD DC) may be created with
world-writeable permissions when additional CIFS file shares are created
on the AD DC.
Note that this issue does not affect the AD DC by default and thus, does
not affect files in the 'sysvol' and 'netlogon' shares. Further,
installs configured as standalone server, domain member, file server,
classic domain controller and installs built with '--without-ad-dc' are
not affected. However, it does affect files on shares with simple Unix
Further note that Nessus has relied only on the self-reported version
number and has not actually tried to exploit this issue, or determine if
the associated patch has been applied.
See also :
Either install the patch referenced in the project's advisory, or
upgrade to 4.0.4 or later.
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 2.9
Public Exploit Available : true
Nessus Plugin ID: 65631 ()
Bugtraq ID: 58596
CVE ID: CVE-2013-1863
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.