Security fix, new loglines
Andrew Tridgell
tridge at samba.anu.edu.au
Tue Sep 30 07:00:57 GMT 1997
> I've installed the new version, and tried to use the exploit to get root
> access on our Linux-machine. As expected this didn't work. BUT I didn't
> get the message in my logfiles. I've even tried with debug level 10 with
> no success.
There are several possible reasons for this.
The most likely is that you are not using the exploit code
correctly. The instructions given in the exploit that was posted are
not complete and are partly inaccurate. This is probably a good thing.
The new log message will only appear if the intruder gets the attack
right. The offets don't have to be right, but the rest of the attack
does need to be.
If you stuff up the exploit then you will just get a failed login in
your Samba log files.
Andrew
More information about the samba
mailing list