GEN:SID 1:2103
Message NETBIOS SMB trans2open buffer overflow attempt
Summary A buffer overflow exists in the Samba file and print sharing software
that can allow a remote attacker to gain root privileges on the target
script to exploit this vulnerability.
Impact An attacker can cause the target system running Samba to overflow a
buffer presenting the attacker with root privileges.
Detailed Information It is possible for an anonymous user to cause a buffer overflow in a
character array by sending data greater than 1024 bytes to the variable
pname. This information is copied by another function causing the buffer
overflow.

Affected Systems:
Samba versions 2.2.5 to 2.2.8

may indicate an attacker verifying the root shell.
Affected Systems  
Attack Scenarios The attacker needs to send pname a value larger than 1024 bytes.
Ease of Attack Simple, an exploit script exists.
Corrective Action Upgrade to Samba versions 2.2.8a or Samba-TNG.
Additional References Digital Defense
http://www.digitaldefense.net/labs/advisories/DDI-1013.txt

CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201
Rule References bugtraq: 7294
cve: 2003-0201
url: www.digitaldefense.net/labs/advisories/DDI-1013.txt