Test ID:	1.3.6.1.4.1.25623.1.0.10786
Category:	Gain root remotely
Title:	Samba Remote Arbitrary File Creation
Summary:	NOSUMMARY
Description:	Description: The remote Samba server, according to its version number, may be vulnerable to a remote file creation vulnerability. This vulnerability allows an attacker to overwrite arbitrary files by supplying an arbitrarily formed NetBIOS machine name to this server, and to potentially become root on the remote server. An attacker do not need any privileges to exploit this flaw. Solution : upgrade to Samba 2.0.10 or 2.2.0a Risk factor : High
Cross-Ref:	BugTraq ID: 2928 Common Vulnerability Exposure (CVE) ID: CVE-2001-1162 http://www.securityfocus.com/bid/2928 Bugtraq: 20010623 smbd remote file creation vulnerability (Google Search) http://www.securityfocus.com/archive/1/193027 Caldera Security Advisory: CSSA-2001-024.0 http://www.calderasystems.com/support/security/advisories/CSSA-2001-024.0.txt Computer Incident Advisory Center Bulletin: L-105 http://ciac.llnl.gov/ciac/bulletins/l-105.shtml Conectiva Linux advisory: CLA-2001:405 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000405 Debian Security Information: DSA-065 (Google Search) http://www.debian.org/security/2001/dsa-065 HPdes Security Advisory: HPSBUX0107-157 http://www.securityfocus.com/advisories/3423 Immunix Linux Advisory: IMNX-2001-70-027-01 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-027-01 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-062.php3 http://www.redhat.com/support/errata/RHSA-2001-086.html SGI Security Advisory: 20011002-01-P ftp://patches.sgi.com/support/free/security/advisories/20011002-01-P XForce ISS Database: samba-netbios-file-creation(6731) https://exchange.xforce.ibmcloud.com/vulnerabilities/6731
Copyright	This script is Copyright (C) 2001 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.