Security fix, new loglines

Thomas Egrelius egge at canit.se
Mon Sep 29 14:37:40 GMT 1997


Hi!

The following message was cut from the release note about the recent
security fix:


---8<---
A new release of Samba has now been made that fixes the security
hole. The new release is version 1.9.17p2 and is available from
ftp://samba.anu.edu.au/pub/samba/samba-1.9.17p2.tar.gz 

This release also adds a routine which logs a message if anyone
attempts to take advantage of the security hole. The message (in the
Samba log files) will look like this:

        ERROR: Invalid password length 999
        you're machine may be under attack by a user exploiting an old bug
        Attack was from IP=aaa.bbb.ccc.ddd

where aaa.bbb.ccc.ddd is the IP address of the machine performing the
attack.
---8<---

I've installed the new version, and tried to use the exploit to get root
access on our Linux-machine. As expected this didn't work. BUT I didn't
get the message in my logfiles. I've even tried with debug level 10 with
no success.

We're running a 2.0.30 kernel.

Any suggestions?

--
Rgds Thomas Egrelius
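
For anyone watching for the log entry quoted in the release note, the following scanner pairs each "Invalid password length" line with the "Attack was from IP=" line that follows it and counts attempts per source. It is an added example, not part of the original post and not Samba code; the sample log lines are constructed, and the three-line pairing window is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample log; 192.0.2.x is a documentation address range.
SAMPLE_LOG = """\
connect to service public as user guest
ERROR: Invalid password length 999
you're machine may be under attack by a user exploiting an old bug
Attack was from IP=192.0.2.15
ERROR: Invalid password length 700
closed connection to service public
ERROR: Invalid password length 512
you're machine may be under attack by a user exploiting an old bug
Attack was from IP=192.0.2.15
"""

ERR_RE = re.compile(r"ERROR: Invalid password length (\d+)")
IP_RE = re.compile(r"Attack was from IP=(\d{1,3}(?:\.\d{1,3}){3})")
WINDOW = 3  # assumption: the IP line appears within 3 lines of the ERROR line


def find_attempts(lines):
    """Return a list of (password_length, source_ip or None) per logged attempt."""
    attempts, pending, left = [], None, 0
    for line in lines:
        err = ERR_RE.search(line)
        if err:
            if pending is not None:       # previous record never got its IP line
                attempts.append((pending, None))
            pending, left = int(err.group(1)), WINDOW
            continue
        if pending is None:
            continue
        ip = IP_RE.search(line)
        left -= 1
        if ip or left == 0:               # record complete, or window exhausted
            attempts.append((pending, ip.group(1) if ip else None))
            pending = None
    if pending is not None:               # log ended mid-record
        attempts.append((pending, None))
    return attempts


def summarize(attempts):
    """Count attempts per source IP; records without an IP go under 'unknown'."""
    counts = defaultdict(int)
    for _length, ip in attempts:
        counts[ip or "unknown"] += 1
    return dict(counts)


if __name__ == "__main__":
    print(summarize(find_attempts(SAMPLE_LOG.splitlines())))
```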


