| Errata ID | 156 |
|---|---|
| Date | 2014-08-04 |
| Source package | samba |
| Fixed in version | 4.1.0-1.653.201408041143 |
| Description | This update fixes a security vulnerability: * All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root). |
| Additional notes | |
| CVE ID | CVE-2014-3560 |
| UCS Bug number | #35546 |
