Sebastian Krahmer discovered a security vulnerability present
in unpatched versions of Samba prior to 2.2.8. An anonymous user could use
the vulnerability to gain root access on the target machine.
This is CAN-2003-0085
Additionally, a race condition could allow an attacker to overwrite
critical system files.
This is CAN-2003-0086
Updated packages based on samba 2.2.7 will be available shortly
This was fixed in samba-2.2.7-2.21as and samba-2.2.7-3.21as