Re: Samba Remote Zero-Day Exploit
- From: "Stefan Kanthak" <stefan.kanthak@xxxxxxxx>
- Date: Mon, 8 Feb 2010 22:33:28 +0100
Michael Wojcik wrote:
From: Stefan Kanthak [mailto:stefan.kanthak@xxxxxxxx]
Sent: Saturday, 06 February, 2010 08:21
Dan Kaminsky wrote:
[...]
(On a side note, you're not going to see this sort of symlink stuff
on Windows,
What exactly do you mean?
Traversing symlinks on the server/share, or creation of "wide" symlinks
by the client on the server/share?
Since Windows 2000 NTFS supports "junctions", which pretty much
resemble Unix symlinks, but only for directories.
See <http://support.microsoft.com/kb/205524/en-us>
And at least since Vista, it also supports symlinks, which are designed
s/at least//
[ well-known facts snipped ]
The Windows SMB server apparently won't cross reparse points, though, so
there's no equivalent vulnerability.
NO, Windows SMB server crosses reparse points!
But as Dan Kaminsky pointed out, you need to have administrative rights
to remotely create a junction on an SMB share, so the non-admin user
can't get himself access to files outside a share he's allowed to access.
Stefan
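
An added example, not part of the original post: an audit sketch for the server side of the point made above, listing every link under a share's local path whose target resolves outside the share. The function names and the temporary directory tree are constructed for illustration, and it assumes the script runs on the file server itself against the share's local directory.

```python
import os
import tempfile

# os.path.islink() does not report NTFS junctions; os.path.isjunction()
# exists from Python 3.12 on. Fall back to "never a junction" on older versions.
_isjunction = getattr(os.path, "isjunction", lambda p: False)

def _inside(root, target):
    """True if target is root itself or lies below it."""
    try:
        return os.path.commonpath([root, target]) == root
    except ValueError:  # e.g. different drive letters on Windows
        return False

def find_escaping_links(share_root):
    """Return sorted (link_path, resolved_target) pairs for links leaving the share."""
    root = os.path.realpath(share_root)
    findings = []
    # followlinks=False: report links, never walk through them
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not (os.path.islink(path) or _isjunction(path)):
                continue
            target = os.path.realpath(path)
            if not _inside(root, target):
                findings.append((path, target))
    return sorted(findings)

def demo():
    """Build a constructed share tree and return the offending links, relative to the share."""
    with tempfile.TemporaryDirectory() as tmp:
        share = os.path.join(tmp, "share")
        outside = os.path.join(tmp, "outside")
        os.makedirs(os.path.join(share, "docs"))
        os.makedirs(outside)
        # Link that leaves the share (should be reported)
        os.symlink(outside, os.path.join(share, "docs", "escape"))
        # Link that stays inside the share (should not be reported)
        os.symlink(os.path.join(share, "docs"), os.path.join(share, "inner"))
        root = os.path.realpath(share)
        return [os.path.relpath(p, root).replace(os.sep, "/")
                for p, _ in find_escaping_links(share)]

if __name__ == "__main__":
    print(demo())
```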