[Samba] Samba 4.1.6 huge security flaw

Gregory Sloop gregs at sloop.net
Tue Apr 22 09:59:01 MDT 2014


You may have disconnected the share, but still have a connection using
the admin credentials.

Do a "net use" at a command prompt. This should show you any existing
connections [even if not mapped] to the AD in question.

I would almost guarantee that you still have an "admin/root"
connection to the problem domain.

Use "net use someconnection /delete" to remove the connection and try
again.

You can't build two connections to the same AD from the same machine
with different accounts - so if you have an existing connection as
admin, all additional connections will also be as admin.

-Greg

b> I did more thinking on the problem. Among the normal shares that the
b> "user_issue" should have access, I mapped another share with administrator
b> and checked to remember credentials. I do not know if this is causing the
b> whole story, so I disconnected the share, but the access is still the same
b> on the other shares - full access when in fact it should be
b> grain-controlled. How can I make Windows forget about the administrator
b> password? I thought this happens when you disconnect the share.



b> --
b> View this message in context:
b> http://samba.2283325.n4.nabble.com/Samba-4-1-6-huge-security-flaw-tp4664312p4664315.html
b> Sent from the Samba - General mailing list archive at Nabble.com.




More information about the samba mailing list