Question - Latest security alert of samba
Nir Livni
nirl at cyber-ark.com
Sun Mar 16 17:49:18 GMT 2003
:-)
I guess my only proof could be Jeremy.
Jeremy knows me a bit.
I gave him a little help with one of the latest fixes in 2.2.8 (delete on
close).
Appreciate your help,
Nir Livni
-----Original Message-----
From: Richard Sharpe [mailto:rsharpe at richardsharpe.com]
Sent: Sunday, March 16, 2003 8:06 PM
To: Nir Livni
Cc: samba-technical at samba.org
Subject: RE: Question - Latest security alert of samba
On Sun, 16 Mar 2003, Nir Livni wrote:
> I've read the announcement carefully.
> The announcement does not point to a specific threat in the samba code.
> It mentions that "This version of Samba adds explicit overrun and
> overflow checks on fragment re-assembly of SMB/CIFS packets to ensure
> that only valid re-assembly is performed by smbd."
>
> It also mentions that samba is highly vulnerable to attacks from an
> external network, and that
> 1. host based protection
> 2. interface protection
> 3. Using a firewall
> 4. Using an IPC$ share deny
> may reduce vulnerability to such attacks.
>
> There is no access to my samba servers from the internet, but I would
> like to know more about this security issue - especially, which source
> codes are involved. (SMB client code is currently no issue for me.) Any
> list of affected source files would be appreciated.
How can we be sure that you are not a script-kiddie?
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com