Question - Latest security alert of samba

Richard Sharpe rsharpe at richardsharpe.com
Sun Mar 16 18:05:40 GMT 2003


On Sun, 16 Mar 2003, Nir Livni wrote:

> I've read the announcement carefully.
> The announcement does not point to a specific threat in the samba code.
> It mentions that "This version of Samba adds explicit overrun and overflow
> checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid
> re-assembly is performed by smbd."
> 
> It also mentions that samba is highly vulnerable to attacks from an external
> network, and that
> 1. host based protection
> 2. interface protection
> 3. Using a firewall
> 4. Using an IPC$ share deny
> may reduce vulnerability to such attacks.
> 
> There is no access to my samba servers from the internet, but I would like
> to know more about this security issue - especially, which source codes are
> involved. (SMB client code is currently no issue for me)
> Any list of affected source files would be appreciated.

How can we be sure that you are not a script-kiddie?

Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com


