The Red Hat security team has released an advisory on a Samba vulnerability effecting Samba version 3.5.0 through 4.2.0rc4. "It can be exploited by a malicious Samba client, by sending specially-crafted packets to the Samba server. No authentication is required to exploit this flaw. It can result in remotely controlled execution of arbitrary code as root." [1] A patch [2] has been released by the Samba team to address the vulnerability.
[2] https://www.samba.org/samba/history/security.html Chris Mohan --- Internet Storm Center Handler on Duty |
Chris 105 Posts ISC Handler Feb 26th 2015 |
Thread locked Subscribe |
Feb 26th 2015 5 years ago |
Sign Up for Free or Log In to start participating in the conversation!