Mandrake Linux Security Advisory : samba (MDKSA-2002:081)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.

Synopsis :

The remote Mandrake Linux host is missing one or more security

Description :

A vulnerability in samba versions 2.2.2 through 2.2.6 was discovered
by the Debian samba maintainers. A bug in the length checking for
encrypted password change requests from clients could be exploited
using a buffer overrun attack on the smbd stack. This attack would
have to crafted in such a way that converting a DOS codepage string to
little endian UCS2 unicode would translate into an executable block of

This vulnerability has been fixed in samba version 2.2.7, and the
updated packages have had a patch applied to fix the problem.

See also :

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13979 (mandrake_MDKSA-2002-081.nasl)

Bugtraq ID:

CVE ID: CVE-2002-1318

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now