============================================================= Subject: Remote code execution in nmbd ==== CVE ID#: CVE-2014-3560==== Versions: Samba 4.0.0 to 4.1.10==== Summary: Samba 4.0.0 to 4.1.10 are affected by a == remote code execution attack on ==unauthenticated nmbd NetBIOS name services.========================================================================Description===========All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).