Tuesday, February 9, 2010

Samba 0-day

Samba has announced a 0-day exploit that's caused the computing world to sit up and... yawn. Details here: http://www.samba.org/samba/news/symlink_attack.html

I think SANS says it best:

"When is a 0day not a 0day? When the exploit ends up being just a poor default configuration issue. It can lead to files being read, that the user has permission to read."

So what we have here is an exploit that allows users to read files that... they have permission to read. No privilege escalation.

Yawn. If this really bothers you, add

[global]
wide links = no

to your smb.conf file, and restart. Of course, this also stops symlinks inside an exported share that point outside it from being followed.
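As an added example (not from the original post or from the Samba project), a small Python audit that parses an smb.conf and lists the shares where the mitigation above is not in effect. It assumes the pre-fix default of wide links = yes and that unix extensions is on, and flags any share whose effective wide links value is still yes; the sample configuration embedded below is constructed.

```python
import re
# Constructed sample smb.conf (not from the original post), pre-fix style:
# [global] says nothing about wide links, so the old default (yes) applies.
SAMPLE_SMB_CONF = """
; unix extensions is on by default; shown explicitly here
[global]
   unix extensions = yes
[public]
   path = /srv/samba/public
   read only = no
[docs]
   path = /srv/samba/docs
   wide links = no
"""

# The post's fix applied to the same file: 'wide links = no' under [global].
HARDENED_SMB_CONF = SAMPLE_SMB_CONF.replace("[global]", "[global]\n   wide links = no", 1)

def _key(name):
    return re.sub(r"\s+", "", name).lower()  # Samba ignores case/whitespace in names

def _bool(value):
    return value.strip().lower() in ("yes", "true", "1")

def parse_smb_conf(text):
    """Parse smb.conf into {section: {normalized_key: value}}; whole-line
    comments ('#' or ';' first) are skipped, as Samba does."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections[current] = {}
        elif "=" in line and current is not None:
            name, value = line.split("=", 1)
            sections[current][_key(name)] = value.strip()
    return sections

def exposed_shares(text, default_wide_links="yes"):
    """Shares where symlinks pointing outside the share are still followed while
    unix extensions let clients create them. Default 'yes' = pre-fix (assumption)."""
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    if not _bool(glob.get("unixextensions", "yes")):
        return []
    return [name for name, share in conf.items() if name != "global"
            and _bool(share.get("widelinks", glob.get("widelinks", default_wide_links)))]
```

A defender would also weigh whether clients can actually write to a flagged share, since the symlink has to be created there first.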
