Date: Tue, 18 Mar 2003 16:37:59 +0200 From: Alexandr Kovalenko <never@nevermind.kiev.ua> To: security@freebsd.org Subject: Samba vulnerability Message-ID: <20030318143759.GA77729@nevermind.kiev.ua>
next in thread | raw e-mail | index | archive | help
http://samba.org/samba/samba.html (14th Mar, 2003) Security Release - Samba 2.2.8 A flaw has been detected in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445. The Release Notes are available on-line. In addition to addressing this security issue, Samba 2.2.8 includes many unrelated improvements. These improvements result from our process of continuous quality assurance and code review, and are part of the Samba team's committment to excellence. -- NEVE-RIPE, will build world for food Ukrainian FreeBSD User Group http://uafug.org.ua/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030318143759.GA77729>