Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Samba < 2.0.10 Remote Arbitrary File Overwrite

Critical

Synopsis

The remote SAMBA server allows anonymous users to gain 'root' access.

Description

The remote Samba server is be vulnerable to a remote file creation vulnerability. This vulnerability allows an attacker overwrite arbitrary files by supplying an arbitrartily formed NetBIOS machine name to this server, and to potentially become root on this host.

Solution

Upgrade to Samba 2.0.10, 2.2.0a or higher