Summary
The remote host is missing an update to samba
announced via advisory DSA 1427-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201427-1
Insight
Alin Rad Pop discovered that Samba, a LanManager-like file and printer server for Unix, is vulnerable to a buffer overflow in the nmbd code which handles GETDC mailslot requests, which might lead to the execution of arbitrary code.
For the stable distribution (etch), this problem has been fixed in version 3.0.24-6etch9.
For the old stable distribution (sarge), this problem has been fixed in version samba 3.0.14a-3sarge11. Packages for m68k will be provided later.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your samba packages.
Severity
Classification
-
CVE CVE-2007-6015 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities