search for: server_security

...are connection requests. This defect affects all Samba configurations. ================== Patch Availability ================== A patch for Samba 3.0.1 - 3.0.22 has been posted at http://www.samba.org/samba/security/. Guidelines for securing Samba hosts are listed at http://www.samba.org/docs/server_security.html ======= Credits ======= This security issue discovered during an internal security audit of the Samba source code by the Samba Team. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ====================================...

...are connection requests. This defect affects all Samba configurations. ================== Patch Availability ================== A patch for Samba 3.0.1 - 3.0.22 has been posted at http://www.samba.org/samba/security/. Guidelines for securing Samba hosts are listed at http://www.samba.org/docs/server_security.html ======= Credits ======= This security issue discovered during an internal security audit of the Samba source code by the Samba Team. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ====================================...

Samba 3.2.5 on Debian Lenny From: http://www.samba.org/samba/docs/server_security.html "Samba is able to limit the number of concurrent connections when smbd is launched as a daemon (not from inetd). The 'max smbd processes' smb.conf option allows Administrators to define the maximum number of smbd processes running at any given point in time. Any further attempts f...

...run the latest stable release as a defense against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. ======= Credits ======= This security issue was reported to Samba developers by iDEFENSE Labs. The vulnerability was discovered by Greg MacManus, iDEFENSE Labs. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ======...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). The defect discovery was anonymously reported to iDEFENSE via their Vulnerability Contributor Program (http://www.idefense.com/poi/teams/vcp.jsp). - -- Our Code, Our Bugs, O...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- Our Code, Our Bugs, Our Responsibility. -- The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- The source code can be downloaded from : http://download.samba.org/samba/ftp/ The uncompressed tarball and patch file h...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- Please report any security related issues to <security@samba.org> Our Code, Our Bugs, Our Responsibility. --...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- This security issue was reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- Our Code, Our Bugs, Our Responsibility. -- The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Lin...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- This security issue was reported to Samba developers by Stefan Esser from e-matters Security (http://security.e-matters.de/). - -- Our Code, Our Bugs, Our Responsibility. -- The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Commen...

...run the latest stable release as a defense against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. ======= Credits ======= This security issue was reported to Samba developers by iDEFENSE Labs. The vulnerability was discovered by Greg MacManus, iDEFENSE Labs. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ======...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). The defect discovery was anonymously reported to iDEFENSE via their Vulnerability Contributor Program (http://www.idefense.com/poi/teams/vcp.jsp). - -- Our Code, Our Bugs, O...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- Our Code, Our Bugs, Our Responsibility. -- The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- The source code can be downloaded from : http://download.samba.org/samba/ftp/ The uncompressed tarball and patch file h...

...n the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- Both security issues were reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- Please report any security related issues to <security@samba.org> Our Code, Our Bugs, Our Responsibility. --...

...d printer command, etc...) from smb.conf. The Samba Team always encourages users to run the latest stable release as a defense against attacks. If this is not immediately possible, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html ======= Credits ======= This vulnerability was discovered by an anonymous researcher and reported to Samba developers by Joshua J. Drake, iDefense Labs (http://www.idefense.com/), as part of their Vulnerability Contributor Program. The time line is as follows: * May 7, 2007: Initial defe...

...anging the server code in the smbd daemon. The Samba Team always encourages users to run the latest stable release as a defense against attacks. If this is not immediately possible, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html ======= Credits ======= This vulnerability was reported to Samba developers by Brian Schafer, TippingPoint Security Response Lead, as part of the Zero Day Initiative (http://www.zerodayinitiative.com). The time line is as follows: * April 25, 2007: Four individual defects reported to the...

...anging the server code in the smbd daemon. The Samba Team always encourages users to run the latest stable release as a defense against attacks. If this is not immediately possible, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html ======= Credits ======= This vulnerability was reported to Samba developers by Paul Griffith <paulg@cse.yorku.ca> and Andrew Hogue. Much thanks to Paul and Andrew for their cooperation and patience in the announcement of this defect. Thanks also to Samba developers James Peach and J...

Hello, tonight my home samba server attracted my attention because i had seen that the complete traffic (copy user->server / server->user) goes via eth0 and not how specified in smb.con via the eth2 interface. i tried to bind it like this: *interfaces = lo eth2 * in smb.conf ... any idea? best regards Jan