[Samba] Kulak exploit
Chris Gonnerman
chris at newcenturycomputers.net
Wed Jun 11 15:07:32 GMT 2003
Some time ago one of my customer's computers was compromised by outside
attackers, and though we were able to clean it up I never learned how.
A few weeks back, my own office machine was hacked and the signs were
similar; but this time I found an exploit program named "kulak" in my
/tmp directory.
Evidently (according to the source, which the attacker left behind also)
kulak exploits a buffer overflow in Samba 2.2.8 to get a root shell. I
searched Google to no avail for this exploit; so I am asking here. Is
this bug fixed in later versions? Has anyone even heard of this?
-- Chris.
More information about the samba
mailing list