Mandriva Linux Security Advisory - A logic error in the deferred open code for smbd may allow an authenticated user to exhaust resources such as memory and CPU on the server by opening multiple CIFS sessions, each of which will normally spawn a new smbd process, and sending each connection into an infinite loop. The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin.
79f22ffaa9ce0e3537037b26164de8346063ae90e18bc9ca00754aa260337d75
Debian Security Advisory 1257-1 - Several remote vulnerabilities have been discovered in samba, a free implementation of the SMB/CIFS protocol, which may lead to the execution of arbitrary code or denial of service.
3b833c5f2326b67c9b1aac0c35214a834900e47eb5d521e30655f20b36fdc993
The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin. This affects Samba versions 3.0.6 through 3.0.23d. Patch included.
1b9a5933a61b5ba5816be5b3ed95fee8d77b027e7ccbbe015eab2b33ace3c7f3