icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Samba < 2.0.10 Remote Arbitrary File Overwrite

Synopsis

The remote SAMBA server allows anonymous users to gain 'root' access.

Description

The remote Samba server is be vulnerable to a remote file creation vulnerability. This vulnerability allows an attacker overwrite arbitrary files by supplying an arbitrartily formed NetBIOS machine name to this server, and to potentially become root on this host.

Solution

Upgrade to Samba 2.0.10, 2.2.0a or higher