An Anonymous Coward writes:
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines.
[...] The newly discovered remote code execution vulnerability (CVE-2017-7494) affects all versions newer than Samba 3.5.0 that was released on March 1, 2010.
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," Samba wrote in an advisory published Wednesday.
(Score: 0) by Anonymous Coward on Sunday May 28 2017, @06:20PM
look, you poor, ignorant windows user, if it's designed to be run on a lan, then you don't put it on the internet without more steps/filters being in front of it. firewall rules, openvpn, etc. the password auth of the application or some such shit, doesn't freaking count. if the "victim" doesn't know that, then they deserve part of the blame. lazy idiots want to do shit without learning anything, then whine like someone who donated Free Software should have made it impossible for them to deploy in a stupid way. It's absurd.