Date: Wed, 19 Mar 2003 10:08:28 +0100
From: Marton Kenyeres <mkenyeres@konvergencia.hu>
To: security@freebsd.org
Subject: Re: Samba vulnerability
Message-ID: <200303191008.28706.mkenyeres@konvergencia.hu>
In-Reply-To: <3E774C85.902@drweb.ru>
References: <20030318143759.GA77729@nevermind.kiev.ua> <3E774C85.902@drweb.ru>

On Tuesday 18 March 2003 17.42, Nikolaj I. Potanin wrote:
> > A flaw has been detected in the Samba main smbd code which could allow
> > an external attacker to remotely and anonymously gain Super User (root)
> >    ^^^^^^^^^^^^^^^^^
>
> Does anyone here have smbd bound to an external interface? ;-)
>

Although the advisory mentions external attackers, I bet this vulnerability
allows malicious internal users to gain root privileges on an intranet file
server. As far as I know a vast majority of attacks are attempted by insiders,
so I don't find this funny at all.

Also, from smb.conf(5):

    By default Samba will query the kernel for the list of all active
    interfaces and use any interfaces except 127.0.0.1 that are broadcast
    capable.

So it is very well possible that, in fact, someone here has smbd bound to an
external interface.

Anyway, I don't think that this kind of 'lamaz deserve to be r00ted' attitude
is appropriate for this list. Pardon me, if I misunderstood your intentions.

Cheers,

-- 
Kenyeres Márton
mkenyeres@konvergencia.hu
KVG:) Konvergencia Kft.
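
Added example, not part of the original message: a small Python check that reads the [global] section of an smb.conf and reports whether smbd is left on the default interface selection quoted above from smb.conf(5). It relies on the `interfaces` and `bind interfaces only` parameters; the function names, result labels and sample configurations are constructed for illustration, and the parser is deliberately simplified (no `include` handling).

```python
import re

# Boolean spellings documented in smb.conf(5).
TRUE_VALUES = {"yes", "true", "1"}


def global_params(conf_text):
    """Return {normalized_name: value} for the [global] section.

    smb.conf ignores case and whitespace in section and parameter names,
    so "Bind Interfaces Only" is normalized to "bindinterfacesonly".
    """
    params, section = {}, None
    text = re.sub(r"\\\n", "", conf_text)  # join backslash-continued lines
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":    # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = re.sub(r"\s+", "", line[1:-1]).lower()
            continue
        if section == "global" and "=" in line:
            name, value = line.split("=", 1)
            params[re.sub(r"\s+", "", name).lower()] = value.strip()
    return params


def interface_exposure(conf_text):
    """Classify how smbd's listening interfaces are constrained."""
    p = global_params(conf_text)
    interfaces = p.get("interfaces", "").split()
    bind_only = p.get("bindinterfacesonly", "no").lower() in TRUE_VALUES
    if interfaces and bind_only:
        # Explicit list, and smbd is told to serve only on it.
        return ("restricted", interfaces)
    if interfaces:
        # A list alone does not limit which interfaces serve SMB requests.
        return ("listed-not-enforced", interfaces)
    # No list: the default quoted above applies (every broadcast-capable
    # interface except 127.0.0.1), whatever "bind interfaces only" says.
    return ("default-all-broadcast-interfaces", [])


# Constructed sample configurations (192.0.2.0/24 is a documentation range).
DEFAULT_CONF = "[global]\n  workgroup = EXAMPLE\n[share]\n  interfaces = lo\n"
LISTED_CONF = "[global]\n  interfaces = 192.0.2.10/24\n"
RESTRICTED_CONF = ("[Global]\n  ; intranet only\n  interfaces = 192.0.2.10/24 \\\n"
                   "    lo\n  Bind Interfaces Only = Yes\n")

if __name__ == "__main__":
    for name in ("DEFAULT_CONF", "LISTED_CONF", "RESTRICTED_CONF"):
        print(name, interface_exposure(globals()[name]))
```

A "restricted" result only narrows where smbd listens; internal users on the listed network can still reach the service, which is the point made in the message.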
