PT-2009-6646 · Samba+1

Ronald Volgers · Published 1970-01-01 · Updated 2024-06-15 · CVE-2009-2948

CVSS v2.0: 6.0 (Medium)

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Samba versions 3.0 through 3.0.36
Samba versions 3.2 through 3.2.14
Samba versions 3.3 through 3.3.7
Samba versions 3.4 through 3.4.1
Samba versions prior to 3.5.15

Description

The issue concerns multiple vulnerabilities in the Samba software, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by a remote attacker who has passed the authentication procedure. The exploitation can result in unauthorized access to sensitive data.

Recommendations

For Samba versions 3.0 through 3.0.36, update to version 3.0.37 or later.
For Samba versions 3.2 through 3.2.14, update to version 3.2.15 or later.
For Samba versions 3.3 through 3.3.7, update to version 3.3.8 or later.
For Samba versions 3.4 through 3.4.1, update to version 3.4.2 or later.
For Samba versions prior to 3.5.15, update to version 3.5.15 or later.

As a temporary workaround, consider restricting access to the Samba service until a patch is available.

Fix

Infinite Loop

Incorrect Permission

Weakness Enumeration

Related Identifiers

BDU:2015-01177
BDU:2015-01178
BDU:2015-01179
BDU:2015-01181
BDU:2015-01182
BDU:2015-01183
BDU:2015-01184
BDU:2015-01185
BDU:2015-02091
BDU:2015-02553
BDU:2015-02895
BDU:2015-02896
BDU:2015-09648
CVE-2009-2948
DSA-1908-1
ECHO-057C-2CCD-E5E2
OPENSUSE-SU-2024:10069-1
OPENSUSE-SU-2024:10334-1
RHSA-2009:1529
RHSA-2009:1585
RHSA-2009_1529

Affected Products

Red Hat
Samba