Tim Prouty

**Name of the Vulnerable Software and Affected Versions** Samba versions 3.0 through 3.0.36 Samba versions 3.2 through 3.2.14 Samba versions 3.3 through 3.3.7 Samba versions 3.4 through 3.4.1 Samba versions prior to 3.5.15 **Description** The issue affects the Samba software, allowing remote authenticated users to cause a denial of service or potentially disrupt the confidentiality, integrity, and availability of protected information. The exploitation can be carried out by a remote attacker who has passed the authentication procedure. **Recommendations** For Samba versions 3.0 through 3.0.36, update to version 3.0.37 or later. For Samba versions 3.2 through 3.2.14, update to version 3.2.15 or later. For Samba versions 3.3 through 3.3.7, update to version 3.3.8 or later. For Samba versions 3.4 through 3.4.1, update to version 3.4.2 or later. For Samba versions prior to 3.5.15, update to version 3.5.15 or later. As a temporary workaround, consider restricting access to the Samba service until a patch is available.