[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Samba symlink 0day flaw
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-02-05 18:51:37
Message-ID: 721400777.1212531265395897361.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
As many of you have probably seen, there was a supposed Samba 0day flaw
posted to full-disclosure and youtube.
Samba has a response to this:
http://marc.info/?l=samba-technical&m=126539387432412&w=2
I'm not sure if this should get a CVE id. It is documented behavior.
Somewhat unexpected though. I think changing the default is the right way
to go, but it may be more of a hardening measure than a security fix.
Thoughts Steve?
Thanks.
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic