This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote Samba server is potentially affected by multiple
According to its banner, the version of Samba running on the remote
host is 3.5.x or 3.6.x prior to 3.6.25 / 4.1.x prior to 4.1.8. It is,
therefore, potentially affected by the following vulnerabilities :
- An error exists related to GET_SHADOW_COPY_DATA() and
FSCTL_SRV_ENUMERATE_SNAPSHOTS() request handling in
which the SRV_SNAPSHOT_ARRAY response field is not
properly initialized. Therefore, configurations with
'shadow_copy' or 'shadow-copy2' specified for the
'vfs objects' parameter can allow the disclosure of
uninitialized memory contents. (CVE-2014-0178)
- A denial of service vulnerability exists due to the
internal DNS server failing to check the 'reply' flag in
DNS packet headers. A remote attacker, via a forged
response packet that triggers a communication loop, can
cause the consumption of CPU processing and bandwidth.
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Samba 3.6.25 / 4.1.8 or later. Alternatively, install the
patch or apply the workaround referenced in the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false