[plug] samba
James Bromberger
james at rcpt.to
Thu Apr 19 17:23:08 WST 2001
On Thu, Apr 19, 2001 at 04:59:29PM +0800, Travis Read wrote:
> Does anybody know of any remote exploits for samba? I read in bugtraq
> there are a few local exploits, however, my gateway box only has 3
> users. In /var/log/ I have this:
> <snip>
> -rw-r--r-- 1 root root 488 Feb 24 19:21 samba.darkstar
> -rw-r--r-- 1 root root 468 Apr 18 23:28
> samba.\202\312\202\202\202\210
> -rw-r--r-- 1 root root 472 Apr 16 15:09
> samba.\300\300\230\232\300\231
> drwxr-xr-x 2 root root 4096 Apr 15 01:31 scripts/
> drwxr-xr-x 3 root root 4096 Jan 29 1994 setup/
> <snip>
>
> root at darkstar:/var/log# /mnt/hdc1/bin/smbd -V
> Version 2.0.7
>
> It looks like a buffer overflow to me. Has anybody else heard of this?
>
> In this case I took my firewall down for a few hours whilst I tested a
> VPN. The hack attempt occured during this time.
Travis,
Check the release notes for Samba 2.0.8 which came out yesterday (hours after
2.2.0). There were a few problems discovered after someone audited some of
the samba code.
James
--
James Bromberger <james_AT_rcpt.to> www.rcpt.to/~james
* * C u in Bordeaux - 1st Debian Conference, July 2001 * *
Remainder moved to http://www.rcpt.to/~james/james/sig.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20010419/74377e1b/attachment.pgp>
More information about the plug
mailing list