Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Samba 2.x < 2.2.11 Remote DoS

Medium

Synopsis

The remote Samba server is affected by a remote Denial of Service (DoS) attack vector.

Description

According to its banner, the version of Samba is earlier than 2.2.11. It is, therefore, affected by a flaw that may allow a remote denial of service. The issue is triggered when sending a 'FindNextPrintChangeNotify()' request from a Windows XP SP2 client without initially issuing a 'FindFirstPrintChangeNotify()' request, which could allow a remote attacker to cause the Samba daemon to crash, resulting in a loss of availability of the service.

Solution

Upgrade Samba to version 2.2.11 or later.