CVE-2015-0240.html:

===========================================================
== Subject:     Unexpected code execution in smbd.
==
== CVE ID#:     CVE-2015-0240
==
== Versions:    Samba 3.5.0 to 4.2.0rc4
==
== Summary:     Unauthenticated code execution attack on
==		smbd file services.
==
===========================================================

===========
Description
===========

All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an
unexpected code execution vulnerability in the smbd file server
daemon.

A malicious client could send packets that may set up the stack in
such a way that the freeing of memory in a subsequent anonymous
netlogon packet could allow execution of arbitrary code. This code
would execute with root privileges.

==================
Patch Availability
==================

A patch addressing this defect has been posted to

  http://www.samba.org/samba/security/

Additionally, Samba 4.2.0rc5, 4.1.17, 4.0.25 and 3.6.25 have been
issued as security releases to correct the defect. Patches against
older Samba versions are available at http://samba.org/samba/patches/.
Samba vendors and administrators running affected versions are advised
to upgrade or apply the patch as soon as possible.

==========
Workaround
==========

On Samba versions 4.0.0 and above, add the line:

rpc_server:netlogon=disabled

to the [global] section of your smb.conf. For Samba versions 3.6.x and
earlier, this workaround is not available.

=======
Credits
=======

This problem was found by Richard van Eeden of Microsoft Vulnerability
Research, who also provided the fix.