Remote root hole in Samba
[Security] Posted Apr 10, 2012 18:40 UTC (Tue) by corbet
The Samba team has announced the release of versions 3.6.4, 3.5.14 and
3.4.16 containing a fix for a remote code
execution vulnerability. "As this does not require an
authenticated connection it is the most serious vulnerability possible in a
program, and users and vendors are encouraged to patch their Samba
installations immediately." Distributor updates should start
showing up in the near future.
Update: the Samba 4 alpha releases are vulnerable as well; 4.0alpha19 has been released with a fix.
Full Story (comments: 70)