[Samba] CVE-2008-4250?

Leslie León leslie.leon at azumathb.azcuba.cu
Mon Jun 18 13:14:54 UTC 2018 

Good morning/day/night to all!

After moving all my infrastructure to Debian9, changed my ADDC from 
Win2K12 to Samba4 scanning my network I found the following:

--------------------------------------------------------------------------------------------------------------------------------

koratsuki at happyharry:~$ nmap --script smb-vuln-ms08-067.nse -p445 
smb-addc.tld

Starting Nmap 7.50 ( https://nmap.org ) at 2018-06-18 08:14 CDT
Nmap scan report for smb-addc.tld
Host is up (0.00073s latency).

PORT    STATE SERVICE
445/tcp open  microsoft-ds

Host script results:
| smb-vuln-ms08-067:
|   VULNERABLE:
|   Microsoft Windows system vulnerable to remote code execution (MS08-067)
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2008-4250
|           The Server service in Microsoft Windows 2000 SP4, XP SP2 and 
SP3, Server 2003 SP1 and SP2,
|           Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows 
remote attackers to execute arbitrary
|           code via a crafted RPC request that triggers the overflow 
during path canonicalization.
|
|     Disclosure date: 2008-10-23
|     References:
| https://technet.microsoft.com/en-us/library/security/ms08-067.aspx
|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4250

Nmap done: 1 IP address (1 host up) scanned in 1.18 seconds

--------------------------------------------------------------------------------------------------------------------------------

Now, I wonder... Why is happening that? That server is installed with 
samba 4.8.2, lastest stable release, Debian 9.4, and the compile chain is:

./configure --enable-fhs --prefix=/usr --sysconfdir=/etc 
--localstatedir=/var --enable-debug --enable-selftest --cross-answers 
--cross-execute --disable-cups --disable-iprint --sbindir=/usr/sbin 
--mandir=/usr/share/man -j4 --enable-selftest --without-systemd

I´am doing something wrong or need more stuff in the smb.conf? The 
smb.conf is using the default config... Can someone point me on the 
right direction in order to fix this?

Best regards.

-- 
/************************************************
* Téc. Leslie León Sinclair
* Administrador de Redes - AzumatHB
* Another happy Slackware & Debian GNU/Linux user
* Blog: https://admlinux.cubava.cu
* Proud GNU/Linux User #445535
* ☎ +49-170-7683042
*************************************************/

More information about the samba mailing list