Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-702-1: Samba vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-702-1: Samba vulnerability
# 1  
Old 01-05-2009
USN-702-1: Samba vulnerability
Referenced CVEs:
CVE-2009-0022


Description:
===========================================================Ubuntu Security Notice USN-702-1 January 05, 2009samba vulnerabilityCVE-2009-0022===========================================================A security issue affects the following Ubuntu releases:Ubuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 8.10: samba 2:3.2.3-1ubuntu3.4In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Gunter Höckel discovered that Samba with registry shares enabled did notproperly validate share names. An authenticated user could gain access to theroot filesystem by using an older version of smbclient and specifying anempty string as a share name. This is only an issue if registry shares areenabled on the server by setting "registry shares = yes", "include = registry",or "config backend = registry", which is not the default.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

ndrdump

NDRDUMP(1)						    System Administration tools 						NDRDUMP(1)

NAME

       ndrdump - DCE/RPC Packet Parser and Dumper

SYNOPSIS

       ndrdump [-c context] {pipe} {function} {in|out} {filename}

       ndrdump [pipe]

       ndrdump

DESCRIPTION

       ndrdump tries to parse the specified filename using Samba's parser for the specified pipe and function. The third argument should be either
       in or out, depending on whether the data should be parsed as a request or a reply.

       Running ndrdump without arguments will list the pipes for which parsers are available.

       Running ndrdump with one argument will list the functions that Samba can parse for the specified pipe.

       The primary function of ndrdump is debugging Samba's internal DCE/RPC parsing functions. The file being parsed is usually one exported by
       wiresharks "Export selected packet bytes" function.

       The context argument can be used to load context data from the request packet when parsing reply packets (such as array lengths).

VERSION

       This man page is correct for version 4.0 of the Samba suite.

SEE ALSO

       wireshark, pidl

AUTHOR

       This utility is part of the Samba[1] suite, which is developed by the global Samba Team[2].

       ndrdump was written by Andrew Tridgell.

       This manpage was written by Jelmer Vernooij.

NOTES

	1. Samba
	   http://www.samba.org/

	2. Samba Team
	   http://www.samba.org/samba/team/

Samba 4.0							    06/17/2014								NDRDUMP(1)