[ubuntu-za] Samba
Gustav H Meyer
gustav at gcis.gov.za
Fri May 26 08:12:33 UTC 2017
On 25/05/2017 21:51, Anton May wrote:
> Looks like even Linux servers aren't spared from this bug
>
> http://thehackernews.com/2017/05/samba-rce-exploit.html?m=1
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload
a shared library to a writable share, and then cause the server to
load and execute it,"
My question would be, how will aLinux server load and execute such a
file? It's not quite as simple as on Windows, but yes I'll still
agree with the sentiment of @sb101sb on Twitter this morning, even
if a bit harsh, "When was samba ever considered secure and by who?
Might as well put your testicles on the train track.".
If you really, really need it you better be careful when setting it
up. And most people really do not need it.
Regards,
Gustav
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-za/attachments/20170526/7cb2a7fd/attachment.html>
More information about the ubuntu-za
mailing list