From secunia security advisory at $URL:
A vulnerability has been reported in Samba, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in process.c when handling Any Batched (AndX) request packets and can be exploited to cause a heap-based buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in versions prior to 3.4.0.
Update to version 3.4.0 or later or apply patch.
ok to glsa for it?
(In reply to comment #1)
> ok to glsa for it?
Yep. Added to existing GLSA request. Thanks.
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the
file-sharing service on the BlackBerry PlayBook tablet before 188.8.131.5271 and
other products, allows remote attackers to cause a denial of service (daemon
crash) or possibly execute arbitrary code via a Batched (aka AndX) request
that triggers infinite recursion.
This issue was resolved and addressed in
GLSA 201206-22 at http://security.gentoo.org/glsa/glsa-201206-22.xml
by GLSA coordinator Sean Amoss (ackle).