Samba 2.x < 2.2.11 Remote DoS
Medium Nessus Network Monitor Plugin ID 9338
SynopsisThe remote Samba server is affected by a remote Denial of Service (DoS) attack vector.
DescriptionAccording to its banner, the version of Samba is earlier than 2.2.11. It is, therefore, affected by a flaw that may allow a remote denial of service. The issue is triggered when sending a 'FindNextPrintChangeNotify()' request from a Windows XP SP2 client without initially issuing a 'FindFirstPrintChangeNotify()' request, which could allow a remote attacker to cause the Samba daemon to crash, resulting in a loss of availability of the service.
SolutionUpgrade Samba to version 2.2.11 or later.