Samba SMB bug. "All versions since [Samba 3.5.0]...including the latest, 4.6.4, are vulnerable to this remote code execution vulnerability.... Samba 4.6.4, 4.5.10, and 4.4.14 have been issued as security releases to correct the defect..."
http://www.zdnet.com/article/its-not-ju ... r-smb-bug/
Samba SMB vulnerability
There is a work around if you can't upgrade. See here
==========
Workaround
==========
Add the parameter:
nt pipe support = no
to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note this
can disable some expected functionality for Windows clients.
Puppy Linux Blog - contact me for access