[GTER] para quem utiliza o Samba

Fabio Oliveira fabio at ipway.com.br
Wed Apr 9 23:43:01 -03 2003


- New vulnerability in Samba -

Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 9 2003 - A new vulnerability has been detected in Samba, the
Open Source/Free Software suite that provides file and print services to
SMB/CIFS clients.

According to Vnunet, the Samba team has confirmed that the new problem
affects all versions of the program. Samba has also explained that if the
vulnerability is exploited correctly, it could lead to an anonymous user
gaining root access on a Samba serving system (i.e. with administration
permissions).

The advisory itself has not been without incident, as the initial
publication contained a working exploit, which could allow any user who
downloaded the code to gain root access.

All users of Samba are advised to install version 2.2.8a, in which the
vulnerability has been corrected.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://eng.registro.br/pipermail/gter/attachments/20030409/382f1542/attachment.html>


More information about the gter mailing list