Security Flaws In Linux SMBFS

← Back to Stories (view on slashdot.org)

Security Flaws In Linux SMBFS

Posted by timothy on Monday November 22, 2004 @12:13PM from the or-would-you-rather-wait-for-service-pack-n dept.

An anonymous reader points out this SecurityFocus alert, which starts "The Linux kernel is reported susceptible to multiple remote vulnerabilities in the SMBFS network file system. These vulnerabilities may lead to the execution of attacker-supplied machine code, information disclosure of kernel memory, or kernel crashes, denying service to legitimate users. Versions of the kernel in both the 2.4, and the 2.6 series are reported susceptible to various issues."

15 of 347 comments (clear)

It's a FEATURE by kesuki · 2004-11-22 12:16 · Score: 5, Funny

you haven't emulated SMB unless you allow remote execution of code ;)

--
https://www.gnu.org/philosophy/free-sw.html
1. Re:It's a FEATURE by Anonymous Coward · 2004-11-22 12:29 · Score: 2, Funny
  
  But it will be a while before the Samba team gets Linux to BSOD. Dammable Developers
yeah ... by nanodude · 2004-11-22 12:18 · Score: 3, Funny

well ... windows file sharing is just that ... a security flaw
Hmmm..... by Azh+Nazg · 2004-11-22 12:18 · Score: 2, Funny

Makes me glad that I have an SMB block enforced on my rou32der324f[NO CARRIER]

--
Azh nazg durbataluk, azh nazg gimbatul, Azh nazg thrakataluk agh burzum ishi krimpatul! This sig blocked by Slashdot.
Wow, A Flaw by Anonymous Coward · 2004-11-22 12:19 · Score: 0, Funny

A security flaw in the implementation of a protocol developed by Microsoft? Naw... Couldn't be! Microsoft's stuff is built to last. There's no such thing as a security vulnerability in Windows.
Don't worry! by Tezkah · 2004-11-22 12:24 · Score: 5, Funny

SP2 users are unaffected.
Irony isn't something you dewrinkle clothes with by Anonymous Coward · 2004-11-22 12:28 · Score: 1, Funny

SMB is a Microsoft protocol.
Heh.
Re:I'm glad this hit slashdot by Anonymous Coward · 2004-11-22 12:29 · Score: 4, Funny

CifsFS

This message was brought to you by the department of redundancy department.
Re:Everyone makes mistakes by sl4shd0rk · 2004-11-22 12:49 · Score: 2, Funny

Well, not to sound like a broken record, but you can bet your sweet ass that the smbfs module code will be fixed quicker than you can say rmmod, or if you prefer, quicker than you can say "make dep clean bzImage modules modules_install".

The difference is the opportunity to take action through the utilization of an openly available codebase.

--
Join the Slashcott! Feb 10 thru Feb 17!
Re:But... by Anonymous Coward · 2004-11-22 13:25 · Score: 1, Funny

Can we start blaming Microsoft for bugs in Linux now?

Was fuer ein frage ist dieser?
You on /. son, where the only thing less connected with reality is a political campaign...
ERROR! by DAldredge · 2004-11-22 13:53 · Score: 2, Funny

ERROR DETECTED

REASON - NFS used with in 10 words of the word secure.

RESULT - AHHHH!!!!
Re:But... by Q2Serpent · 2004-11-22 15:50 · Score: 3, Funny

more than root

...God?
Re:But... by Netsnipe · 2004-11-22 16:41 · Score: 3, Funny

remove from the LAN/WAN, dissect then reinstall. Its the only safe way.
No. I say we take off and nuke the entire site from orbit. It's the only way to be sure.

--
-- "I can't tell the future, I just work there." -- The Doctor
Re:But... by Xeleema · 2004-11-22 19:00 · Score: 2, Funny

Funny, I googled for "remote linux root exploits" and I didn't get a single hit. That clearly points to the obvious; Google's Censoring Linux Vulnerabilites!! OMFG!! Now only if it.slashdot didnt have such a shitty color sheme, maybe I'd feel better about my IT-related job and stop posting mindless drivel like this.
AC is for cowards!

--
"When I am king, you will be first against the wall..."
Scape goat by Anonymous Coward · 2004-11-23 02:35 · Score: 1, Funny

OMG! How can we find a way to blame Microsoft?!!?