The remote Samba server is affected by multiple vulnerabilities.
According to its banner, the version of Samba running on this system (i.e., earlier than 3.6.22 / 4.0.13 / 4.1.3) contain the following known vulnerabilities: - A security bypass vulnerability via the 'winbind_name_list_to_sid_string_list()' that would allow a malicious authenticated user to modify the 'pam_winbind' configuration file. (CVE-2012-6150) - A buffer overflow vulnerability in the 'dcerpc_read_ncacn_packet_done()' function that can allow remote AD domain controllers to execute arbitrary code (CVE-2013-4408) - ACLs were not checked when opening files with alternate data streams, though this issue is only exploitable if the VFS modules vfs_streams_depot and/or vfs_streams_xattr are used. (CVE-2013-4475)
Install the patch referenced in the project's advisory, or upgrade to 3.6.22 / 4.0.13 / 4.1.3 or later.