FreeBSD : samba -- Unexpected code execution in smbd (996c219c-bbb1-11e4-88ae-d050992ecde8)
Critical Nessus Plugin ID 81463
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionSamba development team reports :
All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution vulnerability in the smbd file server daemon.
A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges.
SolutionUpdate the affected packages.