Big Samba Security Bug Revealed
The Samba team has confirmed a recent CVE report (CVE-2015-0240) regarding a flaw in the smbd
file server daemon that could allow a remote user to execute arbitrary code with root privileges. The vulnerability, which was originally discovered by Microsoft, affects Samba versions from 3.5.0 to 4.2.0rc4.
The Samba project has already released a patch and recommends an immediate patch or upgrade. The Samba team also provides a workaround for versions 4.0.0 and later, which consists of disabling rpc_server
netlogon.
03/03/2015