South West (UK) Linux User Group

Major Samba Security Alert
Date: Wednesday, March 19 @ 23:41:23
Topic Security


A flaw has been detected in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445.

Everyone upgrade to version 2.2.8 now! Get it here.

This article comes from South West (UK) Linux User Group
http://www.southwestlug.uklinux.net/

The URL for this story is:
http://www.southwestlug.uklinux.net/modules.php?op=modload&name=News&file=article&sid=95