Released last week, version 3.4.8 of the free Samba file and print server fixes various holes including two denial of service (DoS) vulnerabilities which allow attackers to remotely crash the Smbd service. One of the problems is caused by a null pointer dereference when processing a certain series of SMB headers that include a specific combination of flags.
The other hole involves an uninitialised variable read when processing specially crafted "Session Setup AndX" requests with flawed Security Binary Large Object (security blob) length values.

Both flaws were already fixed in April In version 3.5.2. Users are advised to install one of the new versions as soon as possible because security firm Stratsec, which discovered the holes, released some relevant exploits.at the same time as the details of the vulnerability.

The link for this article located at H Security is no longer available.