Updated samba packages that fix a security issue and a bug are now
available for Red Hat Enterprise Linux.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Samba is a suite of programs used by machines to share files, printers, and
A stack buffer overflow flaw was found in the way Samba authenticates
remote users. A remote unauthenticated user could trigger this flaw to
cause the Samba server to crash, or execute arbitrary code with the
permissions of the Samba server. (CVE-2007-6015)
Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.
This update also fixes a regression caused by the fix for CVE-2007-4572,
which prevented some clients from being able to properly access shares.
Users of Samba are advised to upgrade to these updated packages, which
contain a backported patch to resolve these issues.