| Art Clemons on Mon, 17 Mar 2003 17:05:24 -0500 |
|
Arthur S. Alexion: I have finally made a serious attempt at getting Samba to work. At this point, the Linux machine can "see" the windows machines, but not vice versa. I am using SWAT, Samba 2.2.1a, smbd and nmbd are reported as running, and I have set up one share in addition to the [homes] section. Any ideas where I should look for problems? Arthur and anyone else using Samba, there is a major security flaw in most recent versions of Samba. I suggest upgrading to 2.2.8 as soon as possible if not yesterday. http://www.samba.org A quote from one of the Samba websites: Samba News * (14th Mar, 2003) Security Release - Samba 2.2.8 A flaw has been detected in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445. The Release Notes are available on-line. In addition to addressing this security issue, Samba 2.2.8 includes many unrelated improvements. These improvements result from our process of continuous quality assurance and code review, and are part of the Samba team's committment to excellence. The source tarballs are available in both gzip format and bzip2 format. The uncompressed tarball signature should also be downloaded to verify the archive's integrity. _________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|