|
|
| |
|
| |
samba - exploitable buffer overruns
| Package(s): | samba |
CVE #(s): | CAN-2003-0085
CAN-2003-0086
|
| Created: | March 17, 2003 |
Updated: | April 4, 2003 |
| Description: |
The SuSE security audit team, in particular Sebastian Krahmer has found a
flaw in the Samba main smbd code which could allow an external attacker to
remotely and anonymously gain Super User (root) privileges on a server
running a Samba server.
This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
inclusive. This is a serious problem and all sites should either
upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
and 445. Advice created by Andrew Tridgell, the leader of the Samba
Team, on how to protect an unpatched Samba server is given at the end
of this section.
The SMB/CIFS protocol implemented by Samba is vulnerable to many
attacks, even without specific security holes. The TCP ports 139 and
the new port 445 (used by Win2k and the Samba 3.0 alpha code in
particular) should never be exposed to untrusted networks.
See this article for more information. Samba-TNG users should update to version 0.3.1. |
| Alerts: |
|
( Log in to post comments)
|
|
|