Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Samba Security Information Disclosure and DoS - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Samba Security Information Disclosure and DoS

Samba released several updates to fix some security vulnerabilities. Anyone running Samba should take a look at each of the bulletin below and seriously consider upgrading which can be downloaded here.


Information disclosure by setuid mount.cifs - affecting all versions

Remote DoS against smbd on authenticated connections - affecting all versions

Misconfigured /etc/passwd file may share folders unexpectedly - affecting version > 3.0.11


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org


523 Posts
ISC Handler
Oct 4th 2009

Sign Up for Free or Log In to start participating in the conversation!