Back to search

Samba Print Change Denial Of Service Vulnerability

Severity CVSS Published Added Modified
7 (AV:N/AC:M/Au:N/C:N/I:N/A:C) December 21, 2004 December 21, 2004 November 13, 2013

Description

Certain versions of Samba are vulnerable to a denial of service if out-of-sequence print change notify requests are receieved. Successful exploitation crashes the Samba daemon.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

Solution

  • Samba < 2.2.11

    Upgrade to Samba version 2.2.11

    Download and apply the upgrade from: https://ftp.samba.org/pub/samba/old-versions/samba-2.2.11.tar.gz

    Alternatively, patches may be available at http://www.samba.org/samba/history/security.html. Although Samba provides source code, it is recommended that you use your operating system's package manager to upgrade if possible. Please note that many operating system vendors choose to apply the most recent Samba security patches to their distributions without changing the package version to the most recent Samba version number. For the most reliable scan results, use correlation with authenticated scans.

  • Samba < 3.0.7

    Upgrade to Samba version 3.0.7

    Download and apply the upgrade from: https://ftp.samba.org/pub/samba/stable/samba-3.0.7.tar.gz

    Alternatively, patches may be available at http://www.samba.org/samba/history/security.html. Although Samba provides source code, it is recommended that you use your operating system's package manager to upgrade if possible. Please note that many operating system vendors choose to apply the most recent Samba security patches to their distributions without changing the package version to the most recent Samba version number. For the most reliable scan results, use correlation with authenticated scans.