[Samba] Kulak exploit
John H Terpstra
jht at samba.org
Wed Jun 11 16:19:04 GMT 2003
On Wed, 11 Jun 2003, Chris Gonnerman wrote:
> Some time ago one of my customer's computers was compromised by outside
> attackers, and though we were able to clean it up I never learned how.
> A few weeks back, my own office machine was hacked and the signs were
> similar; but this time I found an exploit program named "kulak" in my
> /tmp directory.
>
> Evidently (according to the source, which the attacker left behind also)
> kulak exploits a buffer overflow in Samba 2.2.8 to get a root shell. I
> searched Google to no avail for this exploit; so I am asking here. Is
> this bug fixed in later versions? Has anyone even heard of this?
Fixed in 2.2.8a.
- John T.
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list