This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been found and corrected in samba :
Integer overflow in the read_nttrans_ea_list function in nttrans.c in
smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before
4.0.8 allows remote attackers to cause a denial of service (memory
consumption) via a malformed packet (CVE-2013-4124).
The updated packages for Enterprise Server 5.2 has been patched to
correct this issue.
The updated packages for Business Server 1 has been upgraded to the
3.6.17 version which resolves many upstream bugs and is not vulnerable
to this issue. Additionally the libtevent packages are being provided
which is a requirement since samba 3.6.16.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true