4

News: Vulnerability in Samba provides access to files

view full story
linux-howto

http://www.raiden.net – A vulnerability in the creation of symbolic links (symlinks) in the free Samba file and printer server can be exploited to attain access to files outside of predefined paths. Attackers can even get access to the system's root directory (/). To exploit the flaw (directory traversing), attackers firs ... (Distributions)

linuxguru's picture
Submitted by linuxguru on 02/10/2010 – Made popular on 02/10/2010

Stories similar to News: Vulnerability in Samba provides access to files

LinuxSecurity.com: It was discovered the Samba handled symlinks in an unexpected way when both"wide links" and "UNIX extensions" were enabled, which is the default. Aremote attacker could create symlinks and access arbitrary files from theserver. [More...]

I am having an issue with Ubuntu Natty (32 bit version) trying to access a directory on a FreeNAS server (set up to share files using samba) that is also on the local network. It seems that if there are under a certain number of files (just under 500, maybe 497 or 498) it can access the directory just fine. Add one more file, and Ubuntu refuses to show anything in the directory.

Hi,

I've just been reading old forum posts on how to get symlinks working with samba. Found that I needed to edit the /etc/smb.conf file and add the following entries into the Global section:

follow symlinks = yes wide links = yes unix extensions = no

And yes, this did allow my windows box to access the symlink directories.

I also read that there are security issues with enabling symlinks.

Mandriva: 2010:122: fastjar 2 years 48 weeks ago

LinuxSecurity.com: A vulnerability has been discovered and corrected in fastjar: Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial [More...]

I'm trying to set up sftp so that a few trusted people can access/edit/create some files. I have jailed a user into their home directory (/home/name) but have run into a problem. I want for them to also be able to access other parts of the VPS because it is also a game server, webhost, etc, and I want for them to be able to have full control of files outside their jailed directory.

Symlinks have limitations in how functions like ls, mv, and cp can operate on them because unlike shell initiated commands like cd, these functions do not have information about how the user accessed the directory with respect to the logical path (see related post).

am using fedora 17 with ubuntu and windows machines for educational purposes

i installed samba, disable SElinux, configure firewall to work with samba and i can access fedora samba shares but my fedora can't access other computer's samba shares with the graphic file manager only on terminal using this commands:

smbclient //192.168.1.4/Downloads Enter itami's password: smb: \>

its gr

I've mounted a shared windows directory (C:\foo\bar) on an ubuntu server (/mnt/shared/bar) like so:

//windows-server/bar /mnt/shared/bar smbfs credentials=/etc/samba-credentials 0 0

It works great, but when I cd into /mnt/shared/bar, Ubuntu shows that all the files are owned by root.

I'd like to restrict access to /mnt/shared/bar on the linux side.

Hi, I'm getting peculiar behaviour with Samba and was hoping someone could help me. I have searched quite a bit but not turned up anything like the problem I am facing.

I have recently set the 'unix extensions' property on my samba server to 'no'. This was to enable me from my cifs client to 'follow' symbolic links on my server.