Detections
Analytics
Samba 3.x < 3.5.22 / 3.6.x < 3.6.17 / 4.0.x < 4.0.8 read_nttrans_ea_lis DoS
medium Nessus Plugin ID 69276
Language:
Synopsis
The remote Samba server is affected by a denial of service vulnerability.Description
According to its banner, the version of Samba running on the remote host is 3.x prior to 3.5.22, 3.6.x prior to 3.6.17 or 4.0.x prior to 4.0.8. It is, therefore, potentially affected by a denial of service vulnerability.An integer overflow error exists in the function 'read_nttrans_ea_lis' in the file 'nttrans.c' that could allow denial of service attacks to be carried out via specially crafted network traffic.
Note if 'guest' connections are allowed, this issue can be exploited by a remote, unauthenticated attacker.
Further note that Nessus has relied only on the self-reported version number and has not actually tried to exploit this issue or determine if the associated patch has been applied.
Solution
Either install the patch referenced in the project's advisory, or upgrade to version 3.5.22 / 3.6.17 / 4.0.8 or later.See Also
https://www.samba.org/samba/security/CVE-2013-4124.html
https://www.samba.org/samba/history/samba-3.5.22.html
https://www.samba.org/samba/history/samba-3.6.17.html
Plugin Details
Severity: Medium
ID: 69276
File Name: samba_4_0_8.nasl
Version: 1.16
Type: remote
Family: Misc.
Published: 8/8/2013
Updated: 11/15/2018
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2013-4124
Vulnerability Information
CPE: cpe:/a:samba:samba
Required KB Items: Settings/ParanoidReport, SMB/samba, SMB/NativeLanManager
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/5/2013
Vulnerability Publication Date: 8/5/2013
Reference Information
CVE: CVE-2013-4124
BID: 61597