CVE-2011-0719 (http://www.samba.org/samba/security/CVE-2011-0719): All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated (guest connection). Currently we do not believe this flaw is exploitable beyond a crash or causing the code to loop, but on the advice of our security reviewers we are releasing fixes in case an exploit is discovered at a later date. The fix is available both for 3.5 and 3.4 branches (http://samba.org/samba/latest_news.html#3.5.7) Reproducible: Always Steps to Reproduce:
Thank you for the report. Bug 356917 has been created for this issue. *** This bug has been marked as a duplicate of bug 356917 ***