GLSA-200411-21 : Samba: Multiple vulnerabilities
Critical Nessus Plugin ID 15696
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200411-21 (Samba: Multiple vulnerabilities)
Samba fails to do proper bounds checking when handling TRANSACT2_QFILEPATHINFO replies. Additionally an input validation flaw exists in ms_fnmatch.c when matching filenames that contain wildcards.
An attacker may be able to execute arbitrary code with the permissions of the user running Samba. A remote attacker may also be able to cause an abnormal consumption of CPU resources, resulting in slower performance of the server or even a Denial of Service.
There is no known workaround at this time.
SolutionAll Samba users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-fs/samba-3.0.8'