Date: Tue, 18 Mar 2003 19:16:28 +0100 From: Jens Rehsack <rehsack@liwing.de> To: "Nikolaj I. Potanin" <nikolaj@drweb.ru> Cc: security@FreeBSD.ORG Subject: Re: Samba vulnerability Message-ID: <3E77627C.2020709@liwing.de> References: <20030318143759.GA77729@nevermind.kiev.ua> <3E774C85.902@drweb.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Nikolaj I. Potanin wrote: >> A flaw has been detected in the Samba main smbd code which could allow >> an external attacker to remotely and anonymously gain Super User (root) > > ^^^^^^^^^^^^^^^^^ > > Does anyone here have smbd bound to an external interface? ;-) Even if it's possible when you're using ssl-binding in samba as described in the book "Samba unleashed". If someone hacks your ssl-keys, I think the open samba is a minor problem :-) Jens To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E77627C.2020709>