This script is Copyright (C) 2002-2013 Tenable Network Security, Inc.
Remote code can be executed on the remote server.
The remote Samba server, according to its version number, is vulnerable
to a bug in the length checking for encrypted password change requests
from clients. A client could potentially send an encrypted password,
which, when decrypted with the old hashed password could be used as a
buffer overrun attack on the stack of smbd.
upgrade to Samba 2.2.7
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true