openSUSE 10 Security Update : samba (samba-3350)
Critical Nessus Plugin ID 27430
SynopsisThe remote openSUSE host is missing a security update.
DescriptionSpecially crafted MS-RPC packets could overwrite heap memory and therfore could potentially be exploited to execute code (CVE-2007-2446).
Authenticated users could leverage specially crafted MS-RPC packets to pass arguments unfiltered to /bin/sh (CVE-2007-2447).
A bug in the local SID/Name translation routines may potentially result in a user being able to issue SMB protocol operations as root (CVE-2007-2444).
SolutionUpdate the affected samba packages.