SoylentNews is people
SoylentNews
An Anonymous Coward writes:
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines.
[...] The newly discovered remote code execution vulnerability (CVE-2017-7494) affects all versions newer than Samba 3.5.0 that was released on March 1, 2010.
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," Samba wrote in an advisory published Wednesday.
This discussion has been archived.
No new comments can be posted.
7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely
|
Log In/Create an Account
| Top
| 36 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
While most peoples' opinions change, the conviction of their
correctness never does.
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @06:20PM
If you use simple file sharing (but not the Windows Homegroup method) to share a single folder on your LAN, it also exposes the users entire folder structure. Example... Create a folder called "Shared Files" in any user folder, perhaps in the Downloads folder. Share the folder on your LAN. Now browse the network from another PC on the LAN and look for the "Users" folder. Everything is there ready to see... The Documents folder, Photos, Music, Videos, all the files within those folders, etc. This has been a problem from Win95 to Win10. There's a way to remove this bug by unsharing the User folder, but Windows update borks it again and again.