[Samba] CVE-2008-1105 - clarification request
Gustavo Homem
gustavo at angulosolido.pt
Fri Jun 6 18:54:49 GMT 2008
On Friday 06 June 2008 19:49, Gerald (Jerry) Carter wrote:
> Gustavo Homem wrote:
> > Hi,
> >
> > The announcement states:
> >
> > "Secunia Research reported a vulnerability that allows for
> > the execution of arbitrary code in smbd"
> >
> > Does this means arbitrary code executed "as root" ou as the user that is
> > authenticaded after smdb drops privilegies?
>
> Potentially either. smbd never drops privileges and can always
> re-become root.
Are you sure about this?
├─smbd─┬─2*[smbd]
│ ├─smbd(gustavo)
│ └─smbd(asdrubal)
From pstree I allways see an smbd process for each user mount.
What I want to know is if the vulnerable call is run as the local user or
root.
Thanks
Gustavo
>
> > Does this affect samba 2.x as well? What versions?
>
> Technically affects Samba 2.2.4 and later. but Samba 2.2 is
> reached EOL several years ago.
>
>
>
>
> cheers, jerry
--
Angulo Sólido - Tecnologias de Informação
http://angulosolido.pt
More information about the samba
mailing list