Slashdot Mirror

← Back to Stories (view on slashdot.org)

Samba Exploit Discovered, Fixed

Posted by timothy on from the lickety-split-sortof dept.

An anonymous reader submits: "Digital Defense reported a remote root vulnerability in Samba that has existed in Samba source code for over 8 years. If it hadn't been caught from a wild packet capture, who knows how many more years it might have gone on. Fixes for this, and at least three other vulnerabilities have been fixed today. This is a serious threat to many thousands of people.. Did you plan to spend your Monday upgrading to Samba 2.2.8a?" elijahao supplies some more information: "All stable versions are affected (2.x), but the 3.0 series is not. Here is a link to the News page. Check out a mirror near you to get the Source or Security patches from 2.2.7a, 2.2.8, or 2.0.10."

3 of 221 comments (clear)

  1. Mondays? by raydobbs · · Score: 5, Funny

    I thought Monday was Patch Your Microsoft Server days... SAMBA is allowed Thursday, or was that...Wednesday...? I forget....

    1. Re:Mondays? by Lxy · · Score: 5, Funny

      I thought Monday was Patch Your Microsoft Server days

      Samba is just trying to emulate every aspect of a Windows server, including Windows patch Mondays.

      Yet another compatibility feature we can check off the list.

      --

      There is no reasonable defense against an idiot with an agenda
      :wq
  2. Feature? by Jonathan+the+Nerd · · Score: 5, Funny

    Well, Samba is supposed to make a Unix computer look and act like a Windows server, right? In that case, it could be argued that a remote root exploit is a feature.

    --
    Disclaimer: The opinions expressed are not necessarily my own, as I've not yet had my medication today.