FreeBSD : samba -- integer overflow vulnerability (3b3676be-52e1-11d9-a9e7-0001020eed82)

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Greg MacManus, iDEFENSE Labs reports :

Remote exploitation of an integer overflow vulnerability in the smbd
daemon included in Samba 2.0.x, Samba 2.2.x, and Samba 3.0.x prior to
and including 3.0.9 could allow an attacker to cause controllable heap
corruption, leading to execution of arbitrary commands with root
privileges.

Successful remote exploitation allows an attacker to gain root
privileges on a vulnerable system. In order to exploit this
vulnerability an attacker must possess credentials that allow access
to a share on the Samba server. Unsuccessful exploitation attempts
will cause the process serving the request to crash with signal 11,
and may leave evidence of an attack in logs.

See also :

http://www.nessus.org/u?847343d8
http://www.samba.org/samba/security/CVE-2004-1154.html
http://www.nessus.org/u?f9317bec

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18904 (freebsd_pkg_3b3676be52e111d9a9e70001020eed82.nasl)

Bugtraq ID:

CVE ID: CVE-2004-1154

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now