Great Reviews!Need help setting up your website, installing Apache, PHP, MySQL, or PhpNuke?Need help customizing or designing scripts?Please contact me via the Contact Us option for further details and pricing.
DESCRIPTION: Some vulnerabilities have been reported in Samba, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
1) Under certain conditions, smbd fails to remove requests from the deferred file open queue. This can be exploited to cause a DoS due to heavy resource usage by triggering an infinite loop when renaming a file under special circumstances.
2) Samba uses filenames as format string parameter in a call to "sprintf()" when setting Windows NT Access Control Lists using the afsacl.so VFS plugin. This can potentially be exploited to execute arbitrary code.
Successful exploitation requires that an AFS file system is shared to CIFS clients using the afsacl.so VFS module and that the attacker has write access to the share.
SOLUTION: Update to version 3.0.24.
PROVIDED AND/OR DISCOVERED BY:
1) Reported by the vendor.
2) The vendor credits zybadawg333.
ORIGINAL ADVISORY:
http://us1.samba.org/samba/security/CVE-2007-0452.html
http://us1.samba.org/samba/security/CVE-2007-0454.html
Posted on Tuesday, February 06, 2007 @ 05:52:21 EST by Raven
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
