Samba symlink vulnerabilities
If you are:
- Running Samba for providing shares to multiple users
- Also allowing these users to log in to a shell on the Samba server
- Permitting symlinks in Samba (Follow Symlinks = on), and
- Have a common upload directory
you are vulnerable to a nasty local root compromise attack. Please
turn off Follow Symlinks in smb.conf to be safe.
I'm not posting the vulnerability here: it's available at your regular
neighbourhood vulnerability store.
Raju Mathur raju@xxxxxxxxxxxxx http://kandalaya.org/
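
A configuration check for the setting named in the message above, as an added example that is not part of the original post: it lists every share in an smb.conf-style text for which `follow symlinks` is in effect (set in the share, inherited from `[global]`, or left at Samba's default of yes) and whether that share is writable. The function names and the sample configuration are constructed for illustration; `include` directives and backslash line continuations are not handled.

```python
import re

TRUE, FALSE = {"yes", "true", "on", "1"}, {"no", "false", "off", "0"}
INVERTED = {"writable", "writeable", "writeok"}  # inverted synonyms of "read only"

def parse_smb_conf(text):
    """Return {section: {param: value}}; names lose case and whitespace, as in Samba."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1).strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            key, value = re.sub(r"\s+", "", key).lower(), value.strip().lower()
            if key in INVERTED:                  # store under "read only"
                key, value = "readonly", "no" if value in TRUE else "yes"
            current[key] = value
    return sections

def as_bool(params, key, default):
    value = params.get(key)
    return True if value in TRUE else False if value in FALSE else default

def shares_following_symlinks(text):
    """List (share, writable) for every share where follow symlinks is in effect."""
    sections = parse_smb_conf(text)
    global_params = sections.pop("global", {})
    findings = []
    for name, params in sections.items():
        effective = {**global_params, **params}  # share settings override [global]
        if as_bool(effective, "followsymlinks", True):  # Samba default is yes
            findings.append((name, not as_bool(effective, "readonly", True)))
    return findings

# Constructed sample, not a real server's configuration.
SAMPLE = """
[global]
   Follow Symlinks = on
[upload]
   writeable = yes
[docs]
   follow symlinks = no
"""
if __name__ == "__main__":
    print(shares_following_symlinks(SAMPLE))
```

On a live server, `testparm -s` prints the configuration as Samba itself parses it, and that output is the better input for this check.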