Sebastian Krahmer discovered a security vulnerability present in unpatched versions of Samba prior to 2.2.8. An anonymous user could use the vulnerability to gain root access on the target machine. This is CAN-2003-0085.

Additionally, a race condition could allow an attacker to overwrite critical system files. This is CAN-2003-0086.

Updated packages based on samba 2.2.7 will be available shortly.

RHSA-2003:096
http://www.samba.org/samba/whatsnew/samba-2.2.8.html

This was fixed in samba-2.2.7-2.21as and samba-2.2.7-3.21as