
#27 Samba version has a known vulnerability

New
nobody
None
Medium
Defect
2010-06-03
2010-06-03
Anonymous
No

Originally created by: Dorean... (code.google.com)@gmail.com

Synopsis
Arbitrary code may be run on the remote server.

Description
The remote Samba server, according to its version number, is vulnerable
to a remote buffer overflow when receiving specially crafted SMB
fragment packets.

An attacker needs to be able to access at least one share to exploit
this flaw.

In addition, it is reported that Samba contains a flaw
related to the handling of .reg files that may allow
a local user to overwrite arbitrary files.

Solution
Upgrade to Samba 2.2.8.

CVSS
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Discussion

