Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - When is a 0day not a 0day? Samba symlink bad default config InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

When is a 0day not a 0day? Samba symlink bad default config

Published: 2010-02-09
Last Updated: 2011-02-08 23:49:20 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

When is a 0day not a 0day? When the exploit ends up being just a poor default configuration issue. It can lead to files being read, that the user has permission to read. Like /etc/passwd for example. The solution? Set "wide links = no" in the [global] section of your smb.conf and restart smbd to eliminate this problem, from the Samba Symlink Attack posting here. Thanks Elazar!

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

0 comment(s)
Diary Archives