Samba < 3.0.26 'idmap_ad.co' Local Privilege Escalation

Low Nessus Network Monitor Plugin ID 4208

Synopsis

The remote host is vulnerable to a local 'privilege escalation' flaw.

Description

According to its banner, the version of the Samba server installed on the remote host is affected by a flaw where a local attacker can gain group-0 access. In order for the exploit to work, the local system must be configured to use Microsoft Active Directory and return a NULL value for the group ID. Successful exploitation would result in the local attacker gaining elevated access on the local machine.

Solution

Upgrade to version 3.0.26 or higher.

See Also

http://www.samba.org/samba/security/CVE-2007-4138.html

Plugin Details

Severity: Low

ID: 4208

Family: Samba

Published: 2007/09/11

Updated: 2019/03/06

Dependencies: 8740

Nessus ID: 17719

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 1.2

Temporal Score: 1

Vector: CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 2.8

Temporal Score: 2.6

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Patch Publication Date: 2007/09/13

Vulnerability Publication Date: 2007/09/13

Reference Information

CVE: CVE-2007-4138

BID: 25636