A fix is available for IBM SONAS, for the security issue that an attacker could crash applications by exploiting a vulnerability in Samba
CVEID:
CVE-2014-3493
DESCRIPTION:
Samba is used in IBM SONAS to enable file management and authentication services for Microsoft Windows environments.
IBM SONAS includes a version of Samba that is vulnerable to a denial of service. A remote authenticated attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 4
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93928 for the current score
IBM SONAS
The product is affected when running a code releases 1.3.0.0 to 1.4.3.3
A fix for these issues is in version 1.4.3.4 of IBM SONAS. Customers running an affected version of IBM SONAS should upgrade to 1.4.3.4 or a later version, so that the fix gets applied.
Workaround(s) :
Avoid use of authentication servers which are not protected behind a firewall. This vulnerability can be exploited only by someone who is authenticated.
Mitigation(s) : None
CPE | Name | Operator | Version |
---|---|---|---|
network attached storage (nas)->scale out network attached storage | eq | 1.4.3.4 |