Samba < 3.0.24 Multiple Flaws

High Nessus Plugin ID 24685


The remote Samba server is affected by several vulnerabilities that could lead to remote code execution


According to its version number, the remote Samba server is affected by several flaws :

- A denial of service issue occuring if an authenticated attacker sends a large number of CIFS session requests which will cause an infinite loop to occur in the smbd daemon, thus utilizing CPU resources and denying access to legitimate users ;

- A remote format string vulnerability that could be exploited by an attacker with write access to a remote share by sending a malformed request to the remote service (this issue only affects installations sharing an AFS file system when the VFS module is loaded)

- A remote buffer overflow vulnerability affecting the NSS lookup capability of the remote winbindd daemon


Upgrade to Samba 3.0.24 or newer

Plugin Details

Severity: High

ID: 24685

File Name: samba_3_0_24.nasl

Version: $Revision: 1.16 $

Type: remote

Family: Misc.

Published: 2007/02/22

Modified: 2016/05/13

Dependencies: 10785

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Required KB Items: Settings/ParanoidReport, SMB/NativeLanManager

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2007/02/05

Reference Information

CVE: CVE-2007-0452, CVE-2007-0453, CVE-2007-0454

BID: 22395, 22403, 22410

OSVDB: 33098, 33100, 33101