PublicDate: 2007-11-16 18:46:00 UTC
Candidate: CVE-2007-4572
References:
 https://ubuntu.com/security/notices/USN-617-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
Description:
 Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when
 configured as a Primary or Backup Domain controller, allows remote
 attackers to have an unknown impact via crafted GETDC mailslot requests,
 related to handling of GETDC logon server requests.
Ubuntu-Description:
Notes:
 jdstrand> believed by upstream to be unexploitable
 jdstrand> Debian 3.0.24-6etch8 should be regression free (check earlier versions too)
 jdstrand> suse has most complete fix
Bugs:
Priority: low
Discovered-by:
Assigned-to: jdstrand
CVSS:

Patches_samba:
upstream_samba: released (3.0.27a)
dapper_samba: released (3.0.22-1ubuntu3.7)
edgy_samba: needed (reached end-of-life)
feisty_samba: released (3.0.24-2ubuntu1.6)
gutsy_samba: released (3.0.26a-1ubuntu2.4)
hardy_samba: not-affected (3.0.28-1ubuntu2)
devel_samba: not-affected (3.0.28-1ubuntu2)