CESA-2010:0698 -- centos 5 x86_64 samba3xID: oval:org.secpod.oval:def:201809 | Date: (C)2012-01-31 (M)2023-02-20 |
Class: PATCH | Family: unix |
Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server . Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.