Find the answer to your Linux question:
Results 1 to 5 of 5
There appeared recently an article in the LF newsletter about a Samba Vulnerability! Vulnerability in Samba provides access to files - The H Security: News and Features Is this something ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Enthusiast cousinlucky's Avatar
    Join Date
    Dec 2005
    Location
    New York City
    Posts
    676

    Lf newsletter Samba Vulnerability?


    There appeared recently an article in the LF newsletter about a Samba Vulnerability!
    Vulnerability in Samba provides access to files - The H Security: News and Features

    Is this something I should be worried about; and if, so how do I fix it??
    PCLinuxOS Gnome and PCLinuxOS Mate
    Linux user # 414321
    You Should Not Give In To Evils, But Proceed Ever More Boldly Against Them!! -from book six of Virgil's Aeneid
    Everything Within The Universe Is Related; We Are All Cousins!!

  2. #2
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    Samba is for sharing files with a Windows computer. I doubt you have Samba installed but you might have installed it by default. Check your package manager and search for Samba.
    Also, from reading the link you posted, it would be easy to avoid by disabling guest logins and make sure no one has an account besides yourself.
    To exploit the flaw (directory traversing), attackers first have to have an account on the Samba server that includes write access to at least one share. However, if a share is defined as writeable for guests, the hole can even be exploited remotely without such an account on the server. Under standard settings, no shares are writeable for guests
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.

  3. #3
    Linux Enthusiast cousinlucky's Avatar
    Join Date
    Dec 2005
    Location
    New York City
    Posts
    676
    Thanks, Mike! Samba is indeed installed in my ubuntu 8.04 os If I remove it the ubutu desktop also is removed. How do I disable the remote log in??
    Last edited by cousinlucky; 02-14-2010 at 05:09 AM.
    PCLinuxOS Gnome and PCLinuxOS Mate
    Linux user # 414321
    You Should Not Give In To Evils, But Proceed Ever More Boldly Against Them!! -from book six of Virgil's Aeneid
    Everything Within The Universe Is Related; We Are All Cousins!!

  4. $spacer_open
    $spacer_close
  5. #4
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    From the Article
    Code:
    As a workaround, the developers recommend changing the option wide links under [global] from yes to no (wide links = no) and rebooting the server
    So open the file /etc/samba/smb.conf with your favorite text editor and add/change the line in the section titled
    Code:
    [global]
    wide links = no
    Restart samba
    Code:
    sudo /etc/init.d/samba restart
    Or just disable it and be worry free.
    Code:
    sudo update-rc.d -f samba remove
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.

  6. #5
    Linux Enthusiast cousinlucky's Avatar
    Join Date
    Dec 2005
    Location
    New York City
    Posts
    676
    Thanks Again, MikeTbob!! I looked at the file but I do not see " wide links "!!

    See for yourself:

    #======================= Global Settings =======================

    [global]

    ## Browsing/Identification ###

    # Change this to the workgroup/NT-domain name your Samba server will part of
    workgroup = WORKGROUP

    # server string is the equivalent of the NT Description field
    server string = %h server (Samba, Ubuntu)

    # Windows Internet Name Serving Support Section:
    # WINS Support - Tells the NMBD component of Samba to enable its WINS Server
    ; wins support = no

    # WINS Server - Tells the NMBD components of Samba to be a WINS Client
    # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
    ; wins server = w.x.y.z

    # This will prevent nmbd to search for NetBIOS names through DNS.
    dns proxy = no

    # What naming service and in what order should we use to resolve host names
    # to IP addresses
    ; name resolve order = lmhosts host wins bcast

    #### Networking ####

    I added # wide links = no and saved the file!! the restart code was not accepted so i just restarted my computer!!
    Last edited by cousinlucky; 02-15-2010 at 01:22 AM.
    PCLinuxOS Gnome and PCLinuxOS Mate
    Linux user # 414321
    You Should Not Give In To Evils, But Proceed Ever More Boldly Against Them!! -from book six of Virgil's Aeneid
    Everything Within The Universe Is Related; We Are All Cousins!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •