[Samba] CVE-2008-4250?
Leslie León
leslie.leon at azumathb.azcuba.cu
Mon Jun 18 13:14:54 UTC 2018
Good morning/day/night to all!
After moving all my infrastructure to Debian9, changed my ADDC from
Win2K12 to Samba4 scanning my network I found the following:
--------------------------------------------------------------------------------------------------------------------------------
koratsuki at happyharry:~$ nmap --script smb-vuln-ms08-067.nse -p445
smb-addc.tld
Starting Nmap 7.50 ( https://nmap.org ) at 2018-06-18 08:14 CDT
Nmap scan report for smb-addc.tld
Host is up (0.00073s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
Host script results:
| smb-vuln-ms08-067:
| VULNERABLE:
| Microsoft Windows system vulnerable to remote code execution (MS08-067)
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2008-4250
| The Server service in Microsoft Windows 2000 SP4, XP SP2 and
SP3, Server 2003 SP1 and SP2,
| Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows
remote attackers to execute arbitrary
| code via a crafted RPC request that triggers the overflow
during path canonicalization.
|
| Disclosure date: 2008-10-23
| References:
| https://technet.microsoft.com/en-us/library/security/ms08-067.aspx
|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4250
Nmap done: 1 IP address (1 host up) scanned in 1.18 seconds
--------------------------------------------------------------------------------------------------------------------------------
Now, I wonder... Why is happening that? That server is installed with
samba 4.8.2, lastest stable release, Debian 9.4, and the compile chain is:
./configure --enable-fhs --prefix=/usr --sysconfdir=/etc
--localstatedir=/var --enable-debug --enable-selftest --cross-answers
--cross-execute --disable-cups --disable-iprint --sbindir=/usr/sbin
--mandir=/usr/share/man -j4 --enable-selftest --without-systemd
I´am doing something wrong or need more stuff in the smb.conf? The
smb.conf is using the default config... Can someone point me on the
right direction in order to fix this?
Best regards.
--
/************************************************
* Téc. Leslie León Sinclair
* Administrador de Redes - AzumatHB
* Another happy Slackware & Debian GNU/Linux user
* Blog: https://admlinux.cubava.cu
* Proud GNU/Linux User #445535
* ☎ +49-170-7683042
*************************************************/
More information about the samba
mailing list