Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Samba 3.6.x < 3.6.6 Remote Security Bypass

Medium

Synopsis

The remote Samba server is affected by a remote security bypass vulnerability

Description

According to its banner, the version of Samba 3.6.x running on the remote host is earlier than 3.6.x. It is, therefore, affected by a remote security bypass vulnerability because it fails to properly enforce CIFS share attributes.

This may allow a remote, authenticated attacker to write to read-only shares, impact integrity related to oplock, locking, coherency, or leases or leases attributes

Solution

Either install the patch referenced in the project's advisory or upgrade to 3.6.6 or later.