SAMBA "root" credential remote code execution.

Published: 2012-04-10
Last Updated: 2012-04-10 20:18:56 UTC
by Swa Frantzen (Version: 1)
2 comment(s)

Samba - "a Windows SMB/CIFS fileserver for UNIX" seems to have a serious security vulnerability that samba versions 3.6.3 and all versions prior to it have a vulnerability that allows remote code execution as the "root" user from an anonymous connection.

Yep, time to upgrade SAMBA.

https://www.samba.org/samba/security/CVE-2012-1182

Hat tip: Charlie

--
Swa Frantzen -- Section 66

Keywords: samba
2 comment(s)

Comments

Does anyone know if there is exploit code, publicly available?
Yes. Exploit Code is publicly available for this vulnerability. Patch now.

Diary Archives