-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gustavo Homem wrote: > Hi, > > The announcement states: > > "Secunia Research reported a vulnerability that allows for > the execution of arbitrary code in smbd" > > Does this means arbitrary code executed "as root" ou as the user that is > authenticaded after smdb drops privilegies?
Potentially either. smbd never drops privileges and can always re-become root. > Does this affect samba 2.x as well? What versions? Technically affects Samba 2.2.4 and later. but Samba 2.2 is reached EOL several years ago. cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFISYarIR7qMdg1EfYRAlRYAJ9H2r9BYLx0JTkyXWrgHJTTqNpCSACgzL9m H+R/lv3EeG6Qfk4JISPTfIc= =7wU+ -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
