CVE-2008-1105 - Is samba server 3.0.26a vulnerable?
hagai yaffe
hagaiy at yahoo.com
Mon Jun 16 07:41:52 GMT 2008
Hello,
I have SAMBA server 3.0.26a deployed and I would like to know if it is
vulnerable to the problem described in CVE-2008-1105; if it is, I would like
to know how it can be attacked.
I have read in (http://www.samba.org/samba/security/CVE-2008-1105.html) the
following:
"Because the server process, smbd, can itself act as a client during
operations such as printer notification and domain authentication, this
issue affects both Samba client and server installations."
However, I have read in
(http://secunia.com/secunia_research/2008-20/advisory/):
"Successful exploitation allows execution of arbitrary code by tricking a
user into connecting to a malicious server (e.g. by clicking an "smb://"
link) or by sending specially crafted packets to an "nmbd" server configured
as a local or domain master browser."
Our SAMBA is configured such that it cannot be a local / domain master
server (from samba.conf file):
preferred master = False
local master = No
domain master = False
Does this mean that we are not vulnerable? If we are, could you describe an
attack scenario?
Any help on this would be great.
Thanks,
Hagai.
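
Added example, not part of the original post: a Python check that reads an smb.conf and reports whether nmbd could still take a local or domain master browser role, which is the second vector in the Secunia text quoted above. It says nothing about the client-side path described in the samba.org quote; the function names and the sample configuration are constructed for illustration.

```python
import re

# Values used when a parameter is absent (assumption: stock Samba defaults).
DEFAULTS = {"localmaster": "yes", "domainmaster": "auto", "preferredmaster": "auto"}
ALIASES = {"preferedmaster": "preferredmaster"}   # smb.conf accepts this spelling too
FALSE_VALUES = {"no", "false", "off", "0"}

# Constructed sample: the three settings from the post placed under [global].
POST_CONF = """[global]
   preferred master = False
   local master = No
   domain master = False
[share]
   path = /srv/share
"""

def global_params(text):
    """Return {normalised name: value} for the global section of an smb.conf."""
    # Assumption: lines before any section header are treated as global.
    params, section, pending = {}, "global", ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):            # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":    # blank line or comment
            continue
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section == "global" and "=" in line:
            name, value = line.split("=", 1)
            # Parameter names are compared ignoring case and embedded whitespace.
            key = re.sub(r"\s+", "", name).lower()
            params[ALIASES.get(key, key)] = value.strip().lower()
    return params

def master_browser_roles(text):
    """Map each browser parameter to True unless it is explicitly disabled."""
    params = {**DEFAULTS, **global_params(text)}
    return {key: params[key] not in FALSE_VALUES for key in DEFAULTS}

def nmbd_can_be_master(text):
    """True if nmbd may still act as a local or domain master browser."""
    roles = master_browser_roles(text)
    return roles["localmaster"] or roles["domainmaster"]

if __name__ == "__main__":
    print(master_browser_roles(POST_CONF), nmbd_can_be_master(POST_CONF))
```

A value of "auto" is counted as possibly enabled, so the check errs on the side of reporting the role as reachable.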