In association with heise online

28 August 2008, 14:04

Security update for Samba

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The development team behind the open source file server Samba have released version 3.2.3, which fixes a vulnerability that allows restricted users logged onto the system to escalate their privileges. According to reports, the cause of the problem is that anyone can edit the file group_mapping.ldb, and can therefore map any SID to root, or to other users or groups.

Versions 3.2.0 to 3.2.2 are affected. As well as the new version, patches for existing versions are also available. The developers advise administrators to act without delay. Alternatively, as a workaround file permissions for the file can be set to 600 using chmod.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit