=========================================================== == Subject: Remote code execution in nmbd == == CVE ID#: CVE-2014-3560 == == Versions: Samba 4.0.0 to 4.1.10 == == Summary: Samba 4.0.0 to 4.1.10 are affected by a == remote code execution attack on == unauthenticated nmbd NetBIOS name services. == =========================================================== =========== Description =========== All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root). ================== Patch Availability ================== A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 4.1.11 and 4.0.21 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible. ========== Workaround ========== Do not run nmbd, the NetBIOS name services daemon. ======= Credits ======= This problem was found and the fix provided by Volker Lendecke, a Samba Team member working for SerNet <vl@sernet.de> https://www.sernet.de.