Summary
The host has Samba installed and is prone to a format string vulnerability.
Impact
Successful exploitation allows attackers to crash an affected client or execute arbitrary code.
Impact Level: System/Application
Solution
Upgrade to Samba 3.2.13
http://us3.samba.org/samba/
******************************************************************************
Note: This may be a false positive, as only the package version is being checked.
Each operating system vendor might have shipped Samba with backported versions.
******************************************************************************
Insight
The flaw is due to a format string error in the 'smbclient' utility when processing file names containing command arguments.
Affected
Samba 3.2.0 through 3.2.12 on Linux.
References
Updated on 2015-03-25
Severity
Classification
- CVE: CVE-2009-1886
- CVSS Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Related Vulnerabilities
- EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Linux)
- freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
- Freeciv Multiple Remote Denial Of Service Vulnerabilities
- AzeoTech DAQFactory Denial of Service Vulnerability