[Pkg-samba-maint] Bug#568493: samba: zero-day remote access exploit
Michael Gilbert
michael.s.gilbert at gmail.com
Fri Feb 5 17:23:27 UTC 2010
On Thu, 4 Feb 2010 23:18:18 -0800, Steve Langasek wrote:
> severity 568493 important
> thanks
>
> On Fri, Feb 05, 2010 at 01:07:14AM -0500, Michael Gilbert wrote:
> > package: samba
> > version: 2:3.4.5~dfsg-1
> > severity: critical
>
> > Hi, a zero-day remote access exploit has been demonstrated using a
> > vulnerability in samba [0]. The only info to go on right now is a
> > rather blurry video demonstrating the exploit in action as well as the
> > code modified. I know this isn't a lot to go on, but hopefully it's
> > enough info to figure out the problem.
>
> > mike
>
> > [0] http://seclists.org/fulldisclosure/2010/Feb/82
>
> Why are you presuming to file critical-severity bugs for an unconfirmed
> vulnerability if you can't even give a description of what that
> vulnerability is?
When issues are disclosed, they should be tracked so they can be
fixed, regardless of how much information is presently available or
whether it has been "confirmed", by which I think you actually mean
reproduced. The only way to consider this unconfirmed is if the video
were faked, which is a possibility. However, we should err on the side
of caution and assume that it is real until proven otherwise.

Debian bug severity critical:

    [...] or introduces a security hole on systems where you install the
    package.

> you allow untrusted users anonymous access to a Samba share, they can read
> any files on the system that your guest user (i.e., user 'nobody') can read.
No, if you watch the video closely (also see [0]), you can see that they
have read access to pretty much any file on the system
(e.g. /etc/passwd) and write access to any location writable by the
account they connect under.

> That's a bug, it should be fixed, but its impact isn't release-critical.
It's your call, but I disagree.

mike
[0] http://seclists.org/fulldisclosure/2010/Feb/99