Message-ID: <3E774C85.902@drweb.ru>
Date: Tue, 18 Mar 2003 19:42:45 +0300
From: "Nikolaj I. Potanin"
To: security@FreeBSD.ORG
Subject: Re: Samba vulnerability
References: <20030318143759.GA77729@nevermind.kiev.ua>
In-Reply-To: <20030318143759.GA77729@nevermind.kiev.ua>

> A flaw has been detected in the Samba main smbd code which could allow
> an external attacker to remotely and anonymously gain Super User (root)
     ^^^^^^^^^^^^^^^^^
Does anyone here have smbd bound to an external interface? ;-)

> privileges on a server running a Samba server. This flaw exists in
> previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a
> serious problem and all sites should either upgrade to Samba 2.2.8
> immediately or prohibit access to TCP ports 139 and 445. The Release
> Notes are available on-line.

--
Nikolaj I. Potanin, SA                  http://www.drweb.ru
ID Anti-Virus Lab (SalD Ltd)            nikolaj@drweb.ru
St. Petersburg, Russia                  ph.: +7-812-3888624
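
Whether smbd is reachable on an external interface, as the reply asks, can be checked from the host's listening sockets. The following is an added example, not part of the original message: it parses text in the column layout of FreeBSD `sockstat -4l` and reports smbd TCP listeners on ports 139 and 445 that are bound to the wildcard or to a non-internal address. The sample lines are constructed, and treating only loopback and RFC 1918 ranges as internal is an assumption.

```python
import ipaddress

SMB_PORTS = {139, 445}  # the TCP ports named in the quoted advisory

# Assumption: only loopback and RFC 1918 ranges count as internal.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the column layout of `sockstat -4l`; not real host output.
SAMPLE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     smbd       312   18 tcp4   *:139                 *:*
root     smbd       312   19 tcp4   192.168.100.12:445    *:*
root     smbd       312   20 tcp4   203.0.113.7:139       *:*
root     nmbd       310    6 udp4   *:137                 *:*
root     sshd       280    3 tcp4   *:22                  *:*
root     smbd       312   21 tcp4   127.0.0.1:445         *:*
"""

def classify(addr):
    """Return 'wildcard', 'internal' or 'external' for a bound local address."""
    if addr == "*":
        return "wildcard"  # listens on every interface, external ones included
    ip = ipaddress.ip_address(addr)
    return "internal" if any(ip in net for net in INTERNAL_NETS) else "external"

def exposed_smbd(sockstat_text):
    """List (address, port, kind) for smbd TCP listeners on 139/445 not confined to internal addresses."""
    findings = []
    for line in sockstat_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[0] == "USER":
            continue  # skip the header row and short or blank lines
        command, proto, local = fields[1], fields[4], fields[5]
        if command != "smbd" or not proto.startswith("tcp"):
            continue
        addr, _, port = local.rpartition(":")
        if not port.isdigit() or int(port) not in SMB_PORTS:
            continue
        kind = classify(addr)
        if kind != "internal":
            findings.append((addr, int(port), kind))
    return findings

if __name__ == "__main__":
    for addr, port, kind in exposed_smbd(SAMPLE):
        print(f"smbd listening on {addr}:{port} ({kind} bind)")
```

A wildcard bind is only a candidate finding: a packet filter in front of the host may still block ports 139 and 445, which is the second mitigation the advisory names.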