CVE-2007-4572

Name of the Vulnerable Software and Affected Versions: Samba versions 3.0.0 through 3.0.26a Samba version 3.0.25b

Description: The issue concerns multiple vulnerabilities in the Samba package, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. A specific vulnerability is a stack-based buffer overflow in nmbd, related to handling GETDC logon server requests, allowing remote attackers to have an unknown impact via crafted GETDC mailslot requests.

Recommendations: For Samba versions 3.0.0 through 3.0.26a, update to a version newer than 3.0.26a to resolve the issue. For Samba version 3.0.25b, update to a version newer than 3.0.25b to resolve the issue. As a temporary workaround, consider restricting access to the nmbd service until a patch is available.