Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible SAMBA Vulnerability

Posted by michael on from the apt-get-time-again dept.

veg writes "The samba team have released 2.2.7 following the discovery of a secureity hole in versions 2.2.2 to 2.2.6 that could lead to remote root access. Eeek! Full story on the samba site"

15 of 32 comments (clear)

  1. Too much of a good thing by MarkusQ · · Score: 5, Funny

    The samba team have released 2.2.7 following the discovery of a secureity hole in versions 2.2.2 to 2.2.6 that could lead to remote root access.

    So, basically, they're vacillating on the question of full SMB compatibility?

    -- MarkusQ

  2. When by Bob+Zer+Fish · · Score: 2, Interesting

    When was this vulnerability discovered? People are always comparing Microsoft to OpenSource in the speed of the correction of security flaws. I was wondering if anyone knew, so that I could see if Microsoft is *-that-* bad, or if they're getting better.

    1. Re:When by Jeremy+Allison+-+Sam · · Score: 5, Interesting

      Eloy Paris and Steve Langasek (spelling?) of the Debian
      Samba community were chasing a user reported core dump bug
      and they noticed the problem.

      They reported it to security@samba.org, and I fixed it that
      night (with a perfectly correct CVS comment that also failed
      to point out the security hole :-).

      We then worked with the Linux vendors via the vendorsec
      mailing list to ensure they were all aware of the problem
      and could issue updates at the same time we announced. Once
      we'd tested the release, we pushed the button and released...

      That is a nice textbook case of how Open Source/Free Software
      security can work.

      Cheers,

      Jeremy Allison,
      Samba Team

    2. Re:When by mithras+the+prophet · · Score: 5, Insightful
      We then worked with the Linux vendors via the vendorsec mailing list to ensure they were all aware of the problem and could issue updates at the same time we announced. Once we'd tested the release, we pushed the button and released...

      What about Apple? Do you work directly with them? I would wager that the millions of Mac OS X-equipped Macs sold each year are rapidly making Apple the #1 distributor of Samba...

      --
      four nine eighteen twenty-7 thirty-nine forty-7 fiftyeight sixty-nine seventy-9 eighty-8 one-hundred-and-nine one-twenty
  3. typical rant ahead by honold · · Score: 2, Flamebait

    "The samba team have released 2.2.7 following the discovery of a secureity hole in versions 2.2.2 to 2.2.6 that could lead to remote root access. Eeek! Full story on the samba site"

    the slashdot team have released a story to the developers section following the discovery of a "secureity" hole in samba that could lead to remote root access

    what does this have to do with developers? it has everything to do with a large base of the slashdot audience. this should be main page news.

    1. Re:typical rant ahead by xchino · · Score: 3, Insightful

      I would justify it being posted here. It hasn't been found to be exploitable, even by the samba team. They have, however released a new version to correct this (as well as add a few features and fixes), showing excellent mode of quality control exceeding that which often even proprietary software vendors fail to meet, in an OpenSource model. Just a thought...

      --
      Everyone is entitled to their own opinion. It's just that yours is stupid.
  4. embedded systems by bill_mcgonigle · · Score: 2

    Lots of embedded systems developers use Samba to provide SMB services.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:embedded systems by bill_mcgonigle · · Score: 2

      Umm, I was answering the question 'what does samba have to do with developers', not defending the Slashdot editors. C'mon, noone defends the slashdot editors.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  5. Re:Funny... by elno · · Score: 2, Insightful

    I think is a matter of relevance :
    IE holes come in a "combo meal" Detail Desc + sample + any side item + toy ( If you want to play with the sample code )

    This samba hole on ther other hand does not even have a concrete way to take advantage of.

    From samba.org:
    A security hole has been discovered in versions 2.2.2 through 2.2.6 of Samba that could potentially allow an attacker to gain root access on the target machine. The word "potentially" is used because there is no known exploit of this bug, and the Samba Team has not been able to craft one ourselves. However, the seriousness of the problem warrants this immediate 2.2.7 release.

  6. Re:Phew by Jeremy+Allison+-+Sam · · Score: 5, Funny

    If you can craft an exploit for this, please
    mail it to me and we'll talk about getting you
    working full time on Samba.

    Yes, it could crash smbd (for the authenticated
    user) but causing it to run code is another matter.

    We couldn't work out how to do that, but hey, I'm
    willing to believe you might know how. Show me.

    Or are you just mouthing off with no expertise to
    back it up ?

    Regards,

    Jeremy Allison,
    Samba Team.

  7. Re:it's a mystery by Jeremy+Allison+-+Sam · · Score: 3, Informative

    Because it doesn't crash anymore when you
    send it a packet that would overflow the buffer :-).

    Cheers,

    Jeremy Allison,
    Samba Team.

  8. Never ever trust your internal network. by miffo.swe · · Score: 4, Informative

    Depending on what level of security you strive for ofcourse. There will always be back entryways into your network. A firewall that stops incoming traffic on let say port 137-139 doesnt stop all attacks. Someone might aswell succed in hacking something else on another port and then go on to the samba server from the internal network.

    I also strongly suggest you not to trust inhouse staff completely. Most hackings that really hurts are insiders that rarely gets discovered.

    --
    HTTP/1.1 400
    1. Re:Never ever trust your internal network. by OneFix · · Score: 2

      Then you have HR problems...

      And internal LAN is only useful if employees have a certain amount of freedom to do what they need...sure, most things should be password protected, remote access should have multiple "barriers to entry"...SecureID, Login, Pass, etc...

      But...your argument could hold true for any amount of security. Certainly you must understand that at some time, you must trust your employees...

      As for most exploits, they are simply too difficult to implement for your average user to "pull off"...for the rest of your users, they're probably too busy to bother...

      Even then, there's going to be a small group of "troublemakers" that could cause problems, but they are probably going to be fired shortly anyhow...

      So, in short...the only "secure" system is an unplugged system.

    2. Re:Never ever trust your internal network. by miffo.swe · · Score: 2

      Hey man, ever seen office space?

      --
      HTTP/1.1 400
    3. Re:Never ever trust your internal network. by OneFix · · Score: 2

      Exactly...there are certainly truths in this film, but what makes it so funny is that they "cross the line"...There are alot of ppl in the situation they were...but there are reasons why ppl simply won't do that...first thing is most ppl don't want to go to federal "pound me in the A$$" prison!!! Then again, there's also something called morals...

      But then again, when your top programmers are all conspiring to befraud the company, there's not much you can do in IT...the only way to deal with that kind of situation is to clean up the mess...

      In reality, HR skrewed up by letting anyone outside of executive staff know before hand (Peter shouldn't have been told till it happened)...But then again, Milton burns down the building...now how could IT prevent that?