Synopsis: Critical: samba security and bug fix update Issue date: 2007-12-10 CVE Names: CVE-2007-6015 A stack buffer overflow flaw was found in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash, or execute arbitrary code with the permissions of the Samba server. (CVE-2007-6015) This update also fixes a regression caused by the fix for CVE-2007-4572, which prevented some clients from being able to properly access shares. SL 3.0.x SRPMS: samba-3.0.9-1.3E.14.3.src.rpm i386: samba-3.0.9-1.3E.14.3.i386.rpm samba-client-3.0.9-1.3E.14.3.i386.rpm samba-common-3.0.9-1.3E.14.3.i386.rpm samba-swat-3.0.9-1.3E.14.3.i386.rpm x86_64: samba-3.0.9-1.3E.14.3.i386.rpm samba-3.0.9-1.3E.14.3.x86_64.rpm samba-client-3.0.9-1.3E.14.3.x86_64.rpm samba-common-3.0.9-1.3E.14.3.i386.rpm samba-common-3.0.9-1.3E.14.3.x86_64.rpm samba-swat-3.0.9-1.3E.14.3.x86_64.rpm SL 4.x SRPMS: samba-3.0.25b-1.el4_6.4.src.rpm i386: samba-3.0.25b-1.el4_6.4.i386.rpm samba-client-3.0.25b-1.el4_6.4.i386.rpm samba-common-3.0.25b-1.el4_6.4.i386.rpm samba-swat-3.0.25b-1.el4_6.4.i386.rpm x86_64: samba-3.0.25b-1.el4.4.x86_64.rpm samba-client-3.0.25b-1.el4.4.x86_64.rpm samba-common-3.0.25b-1.el4.4.x86_64.rpm samba-common-3.0.25b-1.el4_6.4.i386.rpm samba-swat-3.0.25b-1.el4.4.x86_64.rpm SL 5.x SRPMS: samba-3.0.25b-1.el5_1.4.src.rpm i386: samba-3.0.25b-1.el5.4.i386.rpm samba-client-3.0.25b-1.el5.4.i386.rpm samba-common-3.0.25b-1.el5.4.i386.rpm samba-swat-3.0.25b-1.el5.4.i386.rpm x86_64: samba-3.0.25b-1.el5.4.x86_64.rpm samba-client-3.0.25b-1.el5.4.x86_64.rpm samba-common-3.0.25b-1.el5.4.i386.rpm samba-common-3.0.25b-1.el5.4.x86_64.rpm samba-swat-3.0.25b-1.el5.4.x86_64.rpm -Connie Sieh -Troy Dawson