Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: SAMBA "root" credential remote code execution. - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
SAMBA "root" credential remote code execution.

Samba - "a Windows SMB/CIFS fileserver for UNIX" seems to have a serious security vulnerability that samba versions 3.6.3 and all versions prior to it have a vulnerability that allows remote code execution as the "root" user from an anonymous connection.

Yep, time to upgrade SAMBA.

https://www.samba.org/samba/security/CVE-2012-1182

Hat tip: Charlie

--
Swa Frantzen -- Section 66

Swa

760 Posts
Does anyone know if there is exploit code, publicly available?
@Miss_Sudo

12 Posts
Yes. Exploit Code is publicly available for this vulnerability. Patch now.
Mark

81 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!