Vulnerabilities in Samba file and printer server plugged
According to a report, a client merely had to send an unexpected 'Oplock break notification' to put the smbd service into an endless loop, disabling the server. This case should not arise under normal circumstances and, according to the developers, the server accepts the relevant packets only where the attacker has already been authenticated.
Where a user's home directory in the /etc/passwd file is blank, it may also be possible to break out of the defined root directory. Attackers could exploit this to access arbitrary files on the server.
A bug in the access rights check in the mount.cifs client application results in parts of the content of credential files being disclosed to other users. Credential files allow the login details for automatic mounts to be kept in a separate file, so that they do not have to appear in the publicly viewable /etc/fstab file.
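An added example, not from the original report or the Samba project: a POSIX shell check of the credential-file arrangement described above. It walks the CIFS entries of an fstab-format file and reports passwords written inline, plus credentials files that are missing or accessible to group or others. The function names, hosts, paths and file contents are constructed for illustration.

```shell
#!/bin/sh
# Audit how CIFS mounts in an fstab-format file supply their login details.
# Prints one finding per line:
#   INLINE <mountpoint>   password written directly in the fstab options
#   MISSING <file>        credentials file named but not present
#   LOOSE <file>          credentials file accessible to group or others
audit_cifs_fstab() {
    # Emit "<mountpoint> <option>" pairs for cifs entries, skipping comments.
    awk '$1 !~ /^#/ && $3 == "cifs" {
             n = split($4, o, ","); for (i = 1; i <= n; i++) print $2, o[i]
         }' "$1" |
    while read -r mnt opt; do
        case $opt in
            password=*|pass=*)
                echo "INLINE $mnt" ;;
            credentials=*|cred=*)
                f=${opt#*=}
                if [ ! -e "$f" ]; then
                    echo "MISSING $f"
                else
                    # Characters 5-10 of the ls mode string are the group/other bits.
                    bits=$(ls -ld -- "$f" | cut -c5-10)
                    [ "$bits" = "------" ] || echo "LOOSE $f"
                fi ;;
        esac
    done
}

# Constructed sample: an fstab with three CIFS mounts and two credentials files.
make_sample() {
    d=$1
    printf 'username=backup\npassword=example-only\n' > "$d/ok.cred"
    printf 'username=media\npassword=example-only\n' > "$d/loose.cred"
    chmod 600 "$d/ok.cred"
    chmod 644 "$d/loose.cred"
    cat > "$d/fstab" <<EOF
# constructed sample, not taken from a real host
//fs.example/backup /mnt/backup cifs credentials=$d/ok.cred,ro 0 0
//fs.example/media  /mnt/media  cifs cred=$d/loose.cred,uid=1000 0 0
//fs.example/share  /mnt/share  cifs username=guest,password=example-only 0 0
/dev/sda1           /           ext4 defaults 0 1
EOF
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_cifs_fstab "$tmp/fstab"
rm -rf "$tmp"
```

The check covers file permissions and inline passwords only; it does not detect the mount.cifs access check bug itself.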
Copyright 2011.