Date: Fri, 29 Jun 2001 00:13:01 -0400
From: "Ryan Masse" <mail@max-info.net>
To: "Lanny Baron" <lnb@freebsdsystems.com>
Cc: "FreeBSD-Security" <freebsd-security@freebsd.org>
Subject: Re: samba vulnerability
Message-ID: <014601c10051$ca88d2c0$3200a8c0@Home>
References: <mail@max-info.net> <200106290052.TAA32034@aristotle.tamu.edu> <87u210ngk9.fsf@boggy.acest.tutrp.tut.ac.jp> <20010629033729.31849.qmail@panda.freebsdsystems.com>
I'm sure we are all aware of the problem.. my original question was how come this didn't make the FreeBSD security advisory?

Ryan

> Hi,
> I am the Canadian mirror for Samba.org and the warning is right on the main
> page, under NEWS. It's the macro %m and it warns:
>
> The security hole occurs when a log file option like the following is
> used:
>
> log file = /var/log/samba/%m.log
>
> In that case the attacker can use a locally created symbolic link to
> overwrite any file on the system. This requires local access to the
> server.
>
> If your Samba configuration has something like the following:
>
> log file = /var/log/samba/%m
>
> Then the attacker could successfully compromise your server remotely
> as no symbolic link is required. This type of configuration is very
> rare.
>
> The most commonly used log file configuration containing %m is the one
> distributed in the sample configuration file that comes with Samba:
>
> log file = /var/log/samba/log.%m
>
> In that case your machine is not vulnerable to this attack unless you
> happen to have a subdirectory in /var/log/samba/ which starts with the
> prefix "log."
>
> Regards,
> Lanny
>
> NAKAJI Hiroyuki writes:
>
> >>>>>> In <200106290052.TAA32034@aristotle.tamu.edu>
> >>>>>> rasmith@aristotle.tamu.edu (Robin Smith) wrote:
> >
> > RS> the %m.log exploit, but now I wonder where it was.
> >
> > http://lists.samba.org/pipermail/samba-announce/2001-June/000054.html
> >
> > Is this what you read?
> > --
> > NAKAJI Hiroyuki
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
> > ~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=
> Lanny Baron
> servers with the power to Serve
> http://www.FreeBSDsystems.com
> 1.877.963.1900
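The three "log file" cases Lanny quotes from the Samba announcement (%m.log, bare %m, and log.%m) are easy to audit for mechanically. The following script is an added example written for this archive page; it is not code from the thread, from Samba, or from the FreeBSD project. It reads smb.conf text, extracts each "log file" value, and classifies it by where %m sits in the final path component, using exactly the distinctions in the quoted text. The sample smb.conf fragment, the verdict labels, and the helper names are all constructed for illustration; the optional subdirectory check only implements the "subdirectory starting with the prefix" condition the quoted text mentions for the log.%m form.

```python
"""Audit smb.conf 'log file' values for the %m placements described in the
Samba announcement quoted in the thread.  Added example: the sample config,
verdict labels and function names are constructed and not from the page."""
import os
import re
from typing import List, Tuple

# smb.conf keys are case-insensitive and may contain spaces; this matches
# "log file = value" but not the unrelated "log level = N".
_LOG_FILE_RE = re.compile(r"^\s*log\s*file\s*=\s*(?P<value>.*?)\s*$", re.IGNORECASE)


def log_file_settings(conf_text: str) -> List[str]:
    """Return every 'log file' value in smb.conf text, ignoring # and ; comments."""
    values = []
    for line in conf_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in "#;":
            continue
        match = _LOG_FILE_RE.match(line)
        if match:
            values.append(match.group("value"))
    return values


def classify_log_file(value: str) -> str:
    """Classify a 'log file' value by the position of %m (client NetBIOS name)
    in its final path component, following the three cases in the announcement:
      'remote'        final component is exactly %m: the client-supplied name
                      alone selects the file, no symlink is needed
      'local-symlink' final component starts with %m (e.g. %m.log): a locally
                      created symlink can redirect the write
      'prefixed'      a literal prefix precedes %m (e.g. log.%m): not affected
                      unless a subdirectory with that prefix exists
      'no-macro'      %m is not used in this value
      'review'        %m sits in a directory component, which the announcement
                      text does not cover; flag for manual review
    """
    if "%m" not in value:
        return "no-macro"
    _directory, basename = os.path.split(value)
    if "%m" not in basename:
        return "review"
    if basename == "%m":
        return "remote"
    if basename.startswith("%m"):
        return "local-symlink"
    return "prefixed"


def literal_prefix(value: str) -> str:
    """Literal text before %m in the final component, e.g. 'log.' for log.%m."""
    return os.path.basename(value).split("%m", 1)[0]


def prefix_subdirs(value: str, subdir_names: List[str]) -> List[str]:
    """Given the names of subdirectories in the log directory, return those
    starting with the literal prefix; for a 'prefixed' value the announcement
    says the host is only affected when such a subdirectory exists."""
    prefix = literal_prefix(value)
    if not prefix:
        return []
    return sorted(d for d in subdir_names if d.startswith(prefix))


def audit_directory(value: str) -> List[str]:
    """Filesystem-backed wrapper around prefix_subdirs for use on a real host."""
    directory = os.path.dirname(value) or "."
    if not os.path.isdir(directory):
        return []
    subdirs = [e for e in os.listdir(directory)
               if os.path.isdir(os.path.join(directory, e))]
    return prefix_subdirs(value, subdirs)


def audit_conf(conf_text: str) -> List[Tuple[str, str]]:
    """(value, verdict) for every 'log file' setting in the given smb.conf text."""
    return [(v, classify_log_file(v)) for v in log_file_settings(conf_text)]


# Constructed sample smb.conf fragment (not a real deployment) using the
# %m.log form the announcement describes as the local-symlink case.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; constructed sample for the audit example
   log file = /var/log/samba/%m.log
   log level = 1
"""

if __name__ == "__main__":
    for value, verdict in audit_conf(SAMPLE_CONF):
        print(f"{value}: {verdict}")
        if verdict == "prefixed":
            print("  prefix subdirectories present:", audit_directory(value))
```

On a real host, feed the contents of the live smb.conf to audit_conf and call audit_directory on any value classified as "prefixed"; a "remote" or "local-symlink" verdict is the signal to change the log file setting to a form with a literal prefix, as the sample configuration shipped with Samba already does.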
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?014601c10051$ca88d2c0$3200a8c0>