Samba < 3.0.26 'idmap_ad.co' Local Privilege Escalation

Low Nessus Network Monitor Plugin ID 4208

Synopsis

The remote host is vulnerable to a local 'privilege escalation' flaw.

Description

According to its banner, the version of the Samba server installed on the remote host is affected by a flaw where a local attacker can gain group-0 access. In order for the exploit to work, the local system must be configured to use Microsoft Active Directory and return a NULL value for the group ID. Successful exploitation would result in the local attacker gaining elevated access on the local machine.

Solution

Upgrade to version 3.0.26 or higher.

See Also

http://www.samba.org/samba/security/CVE-2007-4138.html

Plugin Details

Severity: Low

ID: 4208

Family: Samba

Published: 2007/09/11

Modified: 2016/02/05

Dependencies: 8740

Risk Information

Risk Factor: Low

CVSSv2

Base Score: 1.2

Temporal Score: 1

Vector: CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 2.8

Temporal Score: 2.6

Vector: CVSS3#AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Patch Publication Date: 2007/09/13

Vulnerability Publication Date: 2007/09/13

Reference Information

CVE: CVE-2007-4138

BID: 25636