This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote Samba server is potentially affected by multiple
According to its banner, the version of Samba running on the remote
host is 4.x prior to 4.0.18 and is, therefore, potentially affected by
the following vulnerabilities :
- An error exists related to 'GET_SHADOW_COPY_DATA' or
'FSCTL_SRV_ENUMERATE_SNAPSHOTS' request handling and
'vfs objects' parameter configurations of 'shadow_copy'
or 'shadow_copy2' that could allow disclosure of
uninitialized memory contents. (CVE-2014-0178)
- An error exists related to handling the 'reply' flag
DNS packet headers that could allow denial of service
Note that Nessus has relied only on the self-reported version number
and has not actually tried to exploit these issues or determine if the
associated patch has been applied.
See also :
Either install the patch referenced in the project's advisory, or
upgrade to 4.0.18 or later.
Alternatively, refer to the vendor advisories and apply the suggested
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false