Scientific Linux Security Update : samba on SL5.x i386/x86_64
High Nessus Plugin ID 61276
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSamba is a suite of programs used by machines to share files, printers, and other information.
An input validation flaw was found in the way Samba handled Any Batched (AndX) requests. A remote, unauthenticated attacker could send a specially crafted SMB packet to the Samba server, possibly resulting in arbitrary code execution with the privileges of the Samba server (root). (CVE-2012-0870)
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the smb service will be restarted automatically.
SolutionUpdate the affected packages.