Samba < 2.2.8 Multiple Vulnerabilities

Critical Nessus Plugin ID 11398


Arbitrary code may be run on the remote server.


The remote Samba server, according to its version number, is vulnerable to a remote buffer overflow when receiving specially crafted SMB fragment packets.

An attacker needs to be able to access at least one share to exploit this flaw.

In addition, it is reported that Samba contains a flaw related to the handling of .reg files that may allow a local user to overwrite arbitrary file.


Upgrade to Samba 2.2.8.

Plugin Details

Severity: Critical

ID: 11398

File Name: samba_frags_overflow.nasl

Version: $Revision: 1.20 $

Type: remote

Published: 2003/03/15

Modified: 2014/05/02

Dependencies: 10785

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Required KB Items: SMB/NativeLanManager

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2003/03/15

Exploitable With


Core Impact

Reference Information

CVE: CVE-2003-0085, CVE-2003-0086

BID: 7106, 7107

OSVDB: 6323, 12642

RHSA: 2003:095-03

SuSE: SUSE-SA:2003:016