Security fix, new loglines
Thomas Egrelius
egge at canit.se
Mon Sep 29 14:37:40 GMT 1997
Hi!
Following message were cut from the releasenote about the recently
security fix
---8<---
A new release of Samba has now been made that fixes the security
hole. The new release is version 1.9.17p2 and is available from
ftp://samba.anu.edu.au/pub/samba/samba-1.9.17p2.tar.gz
This release also adds a routine which logs a message if anyone
attempts to take advantage of the security hole. The message (in the
Samba log files) will look like this:
ERROR: Invalid password length 999
you're machine may be under attack by a user exploiting an old bug
Attack was from IP=aaa.bbb.ccc.ddd
where aaa.bbb.ccc.ddd is the IP address of the machine performing the
attack.
---8<---
I've installed the new version, and tried to use the exploit to get root
access on our Linux-machine. As expected this didn't work. BUT I didn't
get the message in my logfiles. I've even tried with debug level 10 with
no success.
We're running a 2.0.30 kernel.
Any suggestions?
--
Rgds Thomas Egrelius
More information about the samba
mailing list