Summary
The host has Samba installed and is prone to Format String Vulnerability.
Impact
Successful exploitation will allows attackers to crash an affected client or execute arbitrary code.
Impact Level: System/Application
Solution
Upgrade to Samba 3.2.13
http://us3.samba.org/samba/
****************************************************************************** Note: This may be a false positive as the package version is only being checked.
Each operating system vendor might have shipped Samba with backported versions.
******************************************************************************
Insight
The flaw is due to, format string error in 'smbclient' utility when processing file names containing command arguments.
Affected
Samba 3.2.0 through 3.2.12 on Linux.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1886 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities