[Pluto-security] Samba 2.2.8
Tom aka 'Dido'
tom at pluto.linux.it
Fri Mar 21 08:55:25 CET 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
E' uscita una nuova versione di Samba, che chiude un buco _grosso_ delle
versioni precedenti.
Dalla home page:
(14th Mar, 2003) Security Release - Samba 2.2.8
A flaw has been detected in the Samba main smbd code which could allow an
external attacker to remotely and anonymously gain Super User (root)
privileges on a server running a Samba server. This flaw exists in previous
versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem
and all sites should either upgrade to Samba 2.2.8 immediately or prohibit
access to TCP ports 139 and 445. The Release Notes are available on-line.
In addition to addressing this security issue, Samba 2.2.8 includes many
unrelated improvements. These improvements result from our process of
continuous quality assurance and code review, and are part of the Samba
team's committment to excellence.
Buon patching!
- --
- -------------------------------------
Dido
PGP Public Key
http://web.tiscali.it/di_do/dido.asc
- -------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+esVxQe/GGXXd6zQRAv2oAKCKKDTWNP+b8UAzjGxz6t53uZx4lwCgzyb2
dFZqWeGrGeQknvy3HY4e2GE=
=5y5r
-----END PGP SIGNATURE-----
More information about the pluto-security
mailing list