Samba Server VFS Plugin AFSACL.SO Remote Format String Vulnerability

Samba Server VFS Plugin AFSACL.SO Remote Format String Vulnerability

Samba is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of users running the affected application. This facilitates the remote compromise of affected computers.

Samba versions 3.06 to 3.0.23d are vulnerable.