T-024: Vulnerability in Server Message Block (SMB)


 
11-13-2008

A remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol handles NTLM credentials when a user connects to an attacker's SMB server. This vulnerability allows an attacker to replay the user's credentials back to them and execute code in the context of the logged-on user. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.


Authen::Simple::SMB(3pm)    User Contributed Perl Documentation    Authen::Simple::SMB(3pm)

NAME
       Authen::Simple::SMB - Simple SMB authentication

SYNOPSIS
           use Authen::Simple::SMB;

           my $smb = Authen::Simple::SMB->new(
               domain => 'DOMAIN',
               pdc    => 'PDC'
           );

           if ( $smb->authenticate( $username, $password ) ) {
               # successful authentication
           }

           # or as a mod_perl Authen handler

           PerlModule Authen::Simple::Apache
           PerlModule Authen::Simple::SMB

           PerlSetVar AuthenSimpleSMB_domain "DOMAIN"
           PerlSetVar AuthenSimpleSMB_pdc    "PDC"

           <Location /protected>
             PerlAuthenHandler Authen::Simple::SMB
             AuthType          Basic
             AuthName          "Protected Area"
             Require           valid-user
           </Location>

DESCRIPTION
       Authenticate against an SMB server.

METHODS
       * new
           This method takes a hash of parameters. The following options are valid:

           * domain
               Domain to authenticate against. Required.

                   domain => 'NTDOMAIN'

           * pdc
               Primary Domain Controller. Required.

                   pdc => 'PDC'

           * bdc
               Backup Domain Controller.

                   bdc => 'BDC'

           * log
               Any object that supports "debug", "info", "error" and "warn".

                   log => Log::Log4perl->get_logger('Authen::Simple::SMB')

       * authenticate( $username, $password )
           Returns true on success and false on failure.

SEE ALSO
       Authen::Simple.

       Authen::Smb.

AUTHOR
       Christian Hansen "ch@ngmedia.com"

COPYRIGHT
       This program is free software, you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.8.8    2008-02-29    Authen::Simple::SMB(3pm)