Rule: --Sid: 3031-- Summary: This event is generated when an attempt is made to exploit a knownvulnerability in a Samba implementation.-- Impact: Serious. Possible execution of arbitrary code.--Detailed Information:Samba is a file and print serving system for heterogenous networks. Itis available for use as a service and client on UNIX/Linux systems and asa client for Microsoft Windows systems.Samba uses the SMB/CIFS protocols to allow communication between clientand server. The SMB protocol contains many commands and is commonly usedto control network devices and systems from a remote location. Avulnerability exists in the way the smb daemon processes commands sent bya client system when accessing resources on the remote server.The problemexists in the allocation of memory which can be exploited by an attackerto cause an integer overflow, possibly leading to the execution ofarbitrary code on the affected system with the privileges of the userrunning the smbd process.--Affected Systems:	Samba 3.0.8 and prior--Attack Scenarios: An attacker needs to supply specially crafted data to the smb daemon tooverflow a buffer containing the information for the access control liststo be applied to files in the smb query.-- Ease of Attack: Difficult.-- False Positives:None Known--False Negatives:None Known-- Corrective Action: Apply the appropriate vendor supplied patch--Contributors: Sourcefire Research TeamBrian Caswell <bmc@sourcefire.com>Nigel Houghton <nigel.houghton@sourcefire.com>-- Additional References:--