This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Greg MacManus, iDEFENSE Labs reports :
Remote exploitation of an integer overflow vulnerability in the smbd
daemon included in Samba 2.0.x, Samba 2.2.x, and Samba 3.0.x prior to
and including 3.0.9 could allow an attacker to cause controllable heap
corruption, leading to execution of arbitrary commands with root
Successful remote exploitation allows an attacker to gain root
privileges on a vulnerable system. In order to exploit this
vulnerability an attacker must possess credentials that allow access
to a share on the Samba server. Unsuccessful exploitation attempts
will cause the process serving the request to crash with signal 11,
and may leave evidence of an attack in logs.
See also :
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0