iDefense Security Advisory 06.16.10 - Remote exploitation of a buffer overflow vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with root privileges. This vulnerability exists in a certain function within Samba, where an attacker could trigger a memory corruption by sending specially crafted SMB requests resulting in heap memory overwritten with attacker supplied data, which can allow attackers to execute code remotely. iDefense has confirmed the existence of this vulnerability in Samba version 3.3.12. Previous versions are suspected to be affected.Samba 3.4.0 and newer versions rewrite the whole logic of the vulnerable function and thus are not affected by this vulnerability.
0f3906ee46ff98f1da265c6dd01ae1df772e0d26f20fe6ac2c61cfa40c024efd