
Samba < 3.6.22 / 4.0.13 / 4.1.3 Multiple Vulnerabilities

High

Synopsis

The remote Samba server is affected by multiple vulnerabilities.

Description

According to its banner, the version of Samba running on this system (i.e., earlier than 3.6.22 / 4.0.13 / 4.1.3) contains the following known vulnerabilities:

- A security bypass vulnerability via the 'winbind_name_list_to_sid_string_list()' function that would allow a malicious authenticated user to modify the 'pam_winbind' configuration file. (CVE-2012-6150)

- A buffer overflow vulnerability in the 'dcerpc_read_ncacn_packet_done()' function that can allow remote AD domain controllers to execute arbitrary code. (CVE-2013-4408)

- ACLs were not checked when opening files with alternate data streams, though this issue is only exploitable if the VFS modules vfs_streams_depot and/or vfs_streams_xattr are used. (CVE-2013-4475)
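The banner check described above has to compare a version against the fixed release of its own branch, not against a single threshold. The following is an added example (not the scanner's own code) that does this and also reports whether the VFS modules named for CVE-2013-4475 are configured. The function names, the sample smb.conf, and the handling of branches outside 3.6 / 4.0 / 4.1 are assumptions.

```python
import re

# Fixed release for each branch, taken from the advisory title.
FIXED = {(3, 6): (3, 6, 22), (4, 0): (4, 0, 13), (4, 1): (4, 1, 3)}
# VFS modules that make CVE-2013-4475 reachable, per the description.
STREAM_MODULES = {"streams_depot", "streams_xattr"}

# Constructed sample configuration, for illustration only.
SAMPLE_CONF = """
[global]
   workgroup = EXAMPLE
[share]
   path = /srv/share
   ; vfs objects = streams_depot
   vfs objects = acl_xattr, streams_xattr
"""

def parse_version(banner):
    """Extract (major, minor, patch) from a banner such as 'Samba 4.0.9-Debian'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError(f"no Samba version in banner: {banner!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(banner):
    """True if the banner version predates the fix for its own release branch."""
    ver = parse_version(banner)
    branch = ver[:2]
    if branch in FIXED:
        return ver < FIXED[branch]
    # Assumption: branches older than 3.6 are treated as affected,
    # any other unlisted branch (e.g. 4.2) as already fixed.
    return branch < min(FIXED)

def stream_modules_enabled(smb_conf_text):
    """Return the stream VFS modules named on any active 'vfs objects' line."""
    found = set()
    for line in smb_conf_text.splitlines():
        line = line.strip()
        if line.startswith(("#", ";")) or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # smb.conf parameter names ignore case and embedded whitespace.
        if re.sub(r"\s+", "", key).lower() in ("vfsobjects", "vfsobject"):
            found |= STREAM_MODULES & set(re.split(r"[\s,]+", value.lower()))
    return found
```

A banner match is only a starting point: distribution packages may backport the fixes without changing the upstream version string, so confirm against the package changelog.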

Solution

Install the patch referenced in the project's advisory, or upgrade to 3.6.22 / 4.0.13 / 4.1.3 or later.