A remote code execution vulnerability in nmbd (the NetBIOS name services daemon) has been found in Samba versions 4.0.0 to 4.1.10 (assigned CVE-2014-3560), and a patch has been released by the team at samba.org.
Here are the details from http://www.samba.org/samba/security/CVE-2014-3560
=========== Description ===========
All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).
================== Patch Availability ==================
A patch addressing this defect has been posted to http://www.samba.org/samba/security/
Additionally, Samba 4.1.11 and 4.0.21 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.
========== Workaround ==========
Do not run nmbd, the NetBIOS name services daemon.
Chris Mohan — Internet Storm Center Handler on Duty
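A triage check for the advisory above, added here as an example and not part of the diary or of Samba's own tooling: it classifies a Samba version string against the affected and fixed releases quoted above and factors in the workaround (nmbd not running). The function names and sample version strings are constructed; `smbd -V` and `pgrep -x nmbd` are the only external commands assumed.

```shell
#!/bin/sh
# Added example, not from the advisory. Ranges come from the text above:
# affected 4.0.0 to 4.1.10, fixed in 4.0.21 and 4.1.11.

# Classify one version string (e.g. the output of `smbd -V`).
# Prints: affected | fixed | not-listed | unparsed
cve_2014_3560_status() {
    # First MAJOR.MINOR.PATCH triple; a prefix ("Version ") and a vendor
    # suffix ("-Ubuntu") are ignored.
    triple=$(printf '%s\n' "$1" | sed -n \
        's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2 \3/p' \
        | head -n 1)
    if [ -z "$triple" ]; then echo unparsed; return 0; fi
    set -- $triple
    if [ "$1" -ne 4 ]; then echo not-listed; return 0; fi
    case "$2" in
        0) fixed_patch=21 ;;   # 4.0.x security release
        1) fixed_patch=11 ;;   # 4.1.x security release
        *) echo not-listed; return 0 ;;
    esac
    if [ "$3" -lt "$fixed_patch" ]; then echo affected; else echo fixed; fi
}

# True when a process named exactly "nmbd" exists on this host.
nmbd_running() { pgrep -x nmbd >/dev/null 2>&1; }

# Combine the version status with whether nmbd runs ("yes"/"no"): the
# advisory's workaround is to not run nmbd at all.
triage() {
    status=$(cve_2014_3560_status "$1")
    case "$status:$2" in
        affected:yes) echo "EXPOSED: upgrade or stop nmbd" ;;
        affected:no)  echo "WORKAROUND: nmbd not running, still upgrade" ;;
        *)            echo "OK-OR-UNKNOWN: $status" ;;
    esac
}

# Constructed sample inputs (not captured from real hosts).
for sample in "Version 4.1.10" "Version 4.1.11" "Version 4.0.20-Debian"; do
    printf '%-24s %s\n' "$sample" "$(triage "$sample" yes)"
done

# Live check, only where Samba is installed.
if command -v smbd >/dev/null 2>&1; then
    triage "$(smbd -V)" "$(nmbd_running && echo yes || echo no)"
fi
```

Distribution packages often backport security fixes without changing the upstream version number, so an `affected` result on a vendor build is a prompt to check the vendor's changelog for CVE-2014-3560.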
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.