Samba has been flagged out-of-date since 2014-03-12.

Two CVE's were issued 2014-03-14.

*Solution*

Upgrade [extra] samba to 4.1.6.

*Summary*

CVE-2013-4496:
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.

CVE-2013-6442
Samba versions 4.0.0 and above have a flaw in the smbcacls command. If smbcacls is used with the "-C|--chown name" or "-G|--chgrp name" command options it will remove the existing ACL on the object being modified, leaving the file or directory unprotected.

*Links*

http://www.samba.org/samba/security/CVE-2013-4496
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4496
http://www.samba.org/samba/security/CVE-2013-6442
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6442

------------------------------------------[00(01|10)11]-----------------------------------------

Billy Wayne McCann, Ph.D.
Google+

PGP Key

irc://irc.freenode.net:bwayne

MzM0LTcwMy0wMTIyCg== | base64 -d

"A rich man will always desire what his wealth cannot acquire." ~ Faust (Goethe)

------------------------------------------[11(10|01)00]------------------------------------------