Samba Format String Vulnerability Network Vulnerability

Summary

The host has Samba installed and is prone to Format String Vulnerability.

Impact

Successful exploitation will allows attackers to crash an affected client or execute arbitrary code. Impact Level: System/Application

Solution

Upgrade to Samba 3.2.13 http://us3.samba.org/samba/ ****************************************************************************** Note: This may be a false positive as the package version is only being checked. Each operating system vendor might have shipped Samba with backported versions. ******************************************************************************

Insight

The flaw is due to, format string error in 'smbclient' utility when processing file names containing command arguments.

Affected

Samba 3.2.0 through 3.2.12 on Linux.

References

http://secunia.com/advisories/35539
http://www.vupen.com/english/advisories/2009/1664

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1886
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CUPS Multiple Vulnerabilities - Oct08
CA kmxfw.sys Code Execution and DoS Vulnerabilities
7-Zip Unspecified Archive Handling Vulnerability (Win)
ClamAV get_unicode_name() Off-By-One Heap based BOF Vulnerability
CUPS IPP Use-After-Free Denial of Service Vulnerability

Take action and discover your vulnerabilities