CentOS Errata and Security Advisory CESA-2010:0698
Samba is a suite of programs used by machines to share files, printers, and other information.
A missing array bounds check was found in the way Samba parsed the binary representation of Windows security identifiers (SIDs). A malicious client could send a specially crafted SMB request to the Samba server, resulting in arbitrary code execution with the privileges of the Samba server (smbd). (CVE-2010-3069)
Users of Samba are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.
Merged security bulletin from advisories:
http://lists.centos.org/pipermail/centos-announce/2010-September/017004.html
http://lists.centos.org/pipermail/centos-announce/2010-September/017005.html
Affected packages: libtalloc libtalloc-devel libtdb libtdb-devel samba3x samba3x-client samba3x-common samba3x-doc samba3x-domainjoin-gui samba3x-swat samba3x-winbind samba3x-winbind-devel tdb-tools
Upstream details at: https://rhn.redhat.com/errata/RHSA-2010-0698.html