Mandrake Linux Security Advisory : samba (MDKSA-2007:224-3)
High Nessus Plugin ID 28274
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionThe samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572).
As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398).
This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572.
SolutionUpdate the affected packages.