Linux Users Beware: Patch New Samba Flaw 'Immediately'
Apr 12, 2012, 11:03 (0 Talkback[s])
(Other stories by Kelly Jackson Higgins)
"The bug in Samba versions 3.6.3 and previous versions is a
buffer overflow flaw in Samba's remote procedure call code. "As
this does not require an authenticated connection it is the most
serious vulnerability possible in a program, and users and vendors
are encouraged to patch their Samba installations immediately,"
according to a newly issued advisory from Samba on the new
CVE-2012-1182 vulnerability, which includes links to patches for
the software.
"Nicholas Percoco, senior vice president and head of Trustwave
SpiderLabs, says the flaw affects anyone who has embedded
Linux-based appliances that use Samba for file sharing, such as
NASes, print servers, and printers. While these devices tend to run
in an intranet rather than over the big Internet, the main risk
would be from a sophisticated targeted attack or a malicious
insider, he says. "
Complete Story
Related Stories:
- Setting Up A Linux File Server Using Samba(Mar 13, 2012)
- Ubuntu 11.10 Samba Standalone Server With tdbsam Backend(Jan 14, 2012)
- Microsoft contributes open-source code to Samba(Nov 03, 2011)
- Samba now accepts corporate copyright.(Oct 16, 2011)
- Using and configuring Samba under Linux/Unix(Sep 22, 2011)
- We won and we didn't notice - a conversation with Jeremy Allison of Samba(Sep 06, 2011)
- Ubuntu 11.04 Samba Standalone Server With tdbsam Backend(Aug 17, 2011)
- Linux Top 5: Samba Advances and Red Hat Shifts to the Cloud(Aug 17, 2011)
- Samba 3.6 released with SMB2 support.(Aug 09, 2011)
- Configuring a SAMBA Print Server(Jul 04, 2011)
