This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Samba server is affected by a denial of service

According to its banner, the version of Samba running on the remote
host is 3.x prior to 3.5.22, 3.6.x prior to 3.6.17 or 4.0.x prior to
4.0.8. It is, therefore, potentially affected by a denial of service

An integer overflow error exists in the function 'read_nttrans_ea_list'
in the file 'nttrans.c' that could allow denial of service attacks to be
carried out via specially crafted network traffic.

Note that if 'guest' connections are allowed, this issue can be exploited by
a remote, unauthenticated attacker.

Further note that Nessus has relied only on the self-reported version
number and has not actually tried to exploit this issue or determine if
the associated patch has been applied.
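
The version ranges above can be applied to banners gathered from an asset inventory. The following Python sketch is an added example, not Nessus plugin code; the function names, result labels and sample banners are constructed for illustration. Like the plugin, it reads only the self-reported version, so a distribution package carrying a backported patch is still reported as potentially affected.

```python
import re

# Affected ranges as stated in the text above: (branch floor, first fixed release).
AFFECTED_RANGES = [
    ((3, 0, 0), (3, 5, 22)),   # 3.x prior to 3.5.22
    ((3, 6, 0), (3, 6, 17)),   # 3.6.x prior to 3.6.17
    ((4, 0, 0), (4, 0, 8)),    # 4.0.x prior to 4.0.8
]

# Assumed banner shape: the word "Samba" followed by a three-part version.
# Anything after the third number (e.g. "-Debian", "rc1") is ignored.
_BANNER_RE = re.compile(r"Samba\s+(\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


def parse_samba_version(banner):
    """Return (major, minor, patch) from a banner, or None if not recognised."""
    match = _BANNER_RE.search(banner)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(banner):
    """Map a banner to 'potentially_affected', 'not_in_affected_range' or 'unknown'."""
    version = parse_samba_version(banner)
    if version is None:
        # No usable version string: needs manual review, not a pass.
        return "unknown"
    for floor, fixed in AFFECTED_RANGES:
        if floor <= version < fixed:
            return "potentially_affected"
    return "not_in_affected_range"


def triage(banners):
    """Classify each banner; returns {banner: label} for reporting."""
    return {banner: classify(banner) for banner in banners}


# Constructed sample banners, not taken from any real scan.
SAMPLE_BANNERS = [
    "Samba 3.0.37",
    "Samba 3.5.22",
    "Samba 3.6.3-2ubuntu2.8",
    "Samba 3.6.17",
    "Samba 4.0.7",
    "Samba 4.0.8",
    "Windows 6.1",
]

if __name__ == "__main__":
    for banner, label in triage(SAMPLE_BANNERS).items():
        print(f"{banner:28} {label}")
```
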
See also :
Either install the patch referenced in the project's advisory, or
upgrade to version 3.5.22 / 3.6.17 / 4.0.8 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.4
Public Exploit Available : true
Nessus Plugin ID: 69276
Bugtraq ID: 61597
CVE ID: CVE-2013-4124