Hi All, Thanks a lot for posting the CVE-2010-3069 for Buffer Overrun Vulnerability ,which is affected on all the Samba 3.0.x to 3.5.x releases. We are using samba 3.0.28a code .According to Samba-3.3.13-CVE-2010-3069 patch, we have changed the code of Samba 3.0.28a.We are unable to modify samba-3.0.28a code due to following reason. In the Samba-3.3-13 /source/smbd/nttrance.c ,they are using "req" that of "struct smb_request" type as a parameter in the call_nt_transact_ioctl , call_nt_transact_get_user_quota and call_nt_transact_set_user_quota functions.But there is no "req" in the 3.0.28a code.We are facing the problem where we have to change the code of Samba 3.0.28.a. Any suggestions please help us...