Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Samba < 3.0.22 Local File Permissions Credentials Disclosure

Low

Synopsis

The remote host is vulnerable to a local flaw in the way that it creates log files.

Description

The remote Samba server, according to its version number, may be vulnerable to a local flaw. Specifically, if debugging has been set to level 5 or higher, the local SAMBA process will log account credentials. These credentials can be read by local users and used in future attacks.

Solution

Upgrade to version 3.0.22 or higher.