FreeBSD : samba -- format string bug in VFS plugin (57ae52f7-b9cc-11db-bf0f-0013720b182d)

High Nessus Plugin ID 24825


The remote FreeBSD host is missing one or more security-related updates.


The Samba Team reports :

NOTE: This security advisory only impacts Samba servers that share AFS file systems to CIFS clients and which have been explicitly instructed in smb.conf to load the VFS module.

The source defect results in the name of a file stored on disk being used as the format string in a call to snprintf(). This bug becomes exploitable only when a user is able to write to a share which utilizes Samba's library for setting Windows NT access control lists on files residing on an AFS file system.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 24825

File Name: freebsd_pkg_57ae52f7b9cc11dbbf0f0013720b182d.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2007/03/16

Modified: 2013/06/21

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ja-samba, p-cpe:/a:freebsd:freebsd:samba, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2007/03/16

Vulnerability Publication Date: 2007/02/05

Reference Information

CVE: CVE-2007-0454