Andr0m3da
Power Member
According to e-matters, Samba(*) versions 3.0.x to 3.0.7 (inclusive) are affected by a buffer overflow that could allow the execution of arbitrary code.
The buffer overflow is caused when a specially-crafted request is received, which in turn could allow arbitrary code to be run, compromising system security. Because of the security implications, all users that could be affected should install the new Samba version 3.0.8 in which the vulnerability has been corrected.
Since last week, Samba version 3.0.8 has been available from http://us1.samba.org/samba/download/. Samba's announcement about this version said that it resolved a security issue that could have been exploited to launch denial of service (DoS) attacks.
(*)Samba provides printer and file sharing services allowing for compatibility between Unix, Linux, IBM System 390, OpenVMS resources and other operating systems with Microsoft Windows platforms.
The buffer overflow is caused when a specially-crafted request is received, which in turn could allow arbitrary code to be run, compromising system security. Because of the security implications, all users that could be affected should install the new Samba version 3.0.8 in which the vulnerability has been corrected.
Since last week, Samba version 3.0.8 has been available from http://us1.samba.org/samba/download/. Samba's announcement about this version said that it resolved a security issue that could have been exploited to launch denial of service (DoS) attacks.
(*)Samba provides printer and file sharing services allowing for compatibility between Unix, Linux, IBM System 390, OpenVMS resources and other operating systems with Microsoft Windows platforms.