Samba 3.6.x < 3.6.3 Denial of Service
Medium Nessus Network Monitor Plugin ID 6299
Synopsis: The remote Samba server is affected by a denial of service vulnerability.
Description: According to its banner, the version of Samba 3.6.x running on the remote host is earlier than 3.6.3. Errors exist in the files 'source3/lib/substitute.c' and 'source3/smbd/server.c' that leak small amounts of memory when processing every connection attempt.
By continually making connections to the server, an attacker can accumulate these leaks and cause a denial of service against the affected smbd service.
Solution: Either apply one of the patches referenced in the project's advisory or upgrade to 3.6.3 or later.