|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2015-02-23 16:06:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Remote code execution vulnerability in Samba
The Samba 4.1.17, 4.0.25 and 3.6.25
releases are available; they fix an unpleasant code-execution
vulnerability. See this
Red Hat security blog entry for more information. "CVE-2015-0240
is a security flaw in the smbd file server daemon. It can be exploited by a
malicious Samba client, by sending specially-crafted packets to the Samba
server. No [authentication] is required to exploit this flaw. It can result in
remotely controlled execution of arbitrary code as root."
The Samba 4.1.17, 4.0.25 and 3.6.25
releases are available; they fix an unpleasant code-execution
vulnerability. See this
Red Hat security blog entry for more information. "CVE-2015-0240
is a security flaw in the smbd file server daemon. It can be exploited by a
malicious Samba client, by sending specially-crafted packets to the Samba
server. No [authentication] is required to exploit this flaw. It can result in
remotely controlled execution of arbitrary code as root."
