Detections
Analytics
Debian DSA-280-1 : samba - buffer overflow
critical Nessus Plugin ID 15117
Synopsis
The remote Debian host is missing a security-related update.Description
Digital Defense, Inc. has alerted the Samba Team to a serious vulnerability in Samba, a LanManager-like file and printer server for Unix. This vulnerability can lead to an anonymous user gaining root access on a Samba serving system. An exploit for this problem is already circulating and in use.Since the packages for potato are quite old it is likely that they contain more security-relevant bugs that we don't know of. You are therefore advised to upgrade your systems running Samba to woody soon.
Unofficial backported packages from the Samba maintainers for version 2.2.8 of Samba for woody are available at ~peloy and ~vorlon.
Solution
Upgrade the Samba packages immediately.For the stable distribution (woody) this problem has been fixed in version 2.2.3a-12.3.
For the old stable distribution (potato) this problem has been fixed in version 2.0.7-5.1.
See Also
https://people.debian.org/~peloy/samba/
Plugin Details
Severity: Critical
ID: 15117
File Name: debian_DSA-280.nasl
Version: 1.28
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 9/29/2004
Updated: 1/4/2021
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:samba, cpe:/o:debian:debian_linux:2.2, cpe:/o:debian:debian_linux:3.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/7/2003
Vulnerability Publication Date: 4/7/2003
Exploitable With
CANVAS (CANVAS)
Metasploit (Samba trans2open Overflow (Solaris SPARC))
Reference Information
CVE: CVE-2003-0196, CVE-2003-0201
CERT: 267873
DSA: 280