samba - Mar 2021 - smb-vuln-regsvc-dos

Hello,

Today I scanned our AD with nmap and came up with the possible
"vulnerability" smb-vuln-regsvc-dos.

samba -V
Version 4.10.18-Debian

Anything to worry about?

-- 
Elias Pereira

On Tue, Mar 09, 2021 at 07:35:18PM -0300, Elias Pereira via samba
wrote:
>Hello,
>
>Today I scanned our AD with nmap and came up with the possible
>"vulnerability" smb-vuln-regsvc-dos.
>
>samba -V
>Version 4.10.18-Debian
>
>Anything to worry about?
This looks like a Microsoft NULL-pointer-dereference bug.

I don't think it would apply to us as our implementation
is completely different (i.e. we have our own NULL-pointer-dereference bugs :-).

On Tue, 2021-03-09 at 19:35 -0300, Elias Pereira via samba
wrote:
> Hello,
> 
> Today I scanned our AD with nmap and came up with the possible
> "vulnerability" smb-vuln-regsvc-dos.
> 
> samba -V
> Version 4.10.18-Debian
> 
> Anything to worry about?
Do you have any more details as to if anything on the Samba side
crashed?  (panic in the logs)

https://nmap.org/nsedoc/scripts/smb-vuln-regsvc-dos.html

I think it is more likely that we don't really support the bit of
winreg it is trying to touch (we don't hook users into winreg).

Andrew Bartlett

-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions