Scientific Linux Security Update : samba3x on SL5.x i386/x86_64
High Nessus Plugin ID 60856
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionNOTE: This errata went out 2010-09-15, but this email was not sent.
A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers (SIDs). A malicious client could send a specially crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-3069)
After installing this update, the smb service will be restarted automatically.
SolutionUpdate the affected packages.