Samba < 2.0.10 Remote Arbitrary File Overwrite

Critical Nessus Network Monitor Plugin ID 1338

Synopsis

The remote SAMBA server allows anonymous users to gain 'root' access.

Description

The remote Samba server is vulnerable to a remote file creation vulnerability. This vulnerability allows an attacker to overwrite arbitrary files by supplying an arbitrarily formed NetBIOS machine name to this server, and to potentially become root on this host.

Solution

Upgrade to Samba 2.0.10, 2.2.0a or higher

See Also

http://www.samba.org

Plugin Details

Severity: Critical

ID: 1338

File Name: 1338.prm

Family: Samba

Published: 2013/03/25

Modified: 2016/01/19

Dependencies: 8739

Nessus ID: 10786

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Reference Information

CVE: CVE-2001-1162

BID: 2928

OSVDB: 656