[Info-vax] SAMBA and Ransomeware
ultradwc at gmail.com
ultradwc at gmail.com
Sat Jul 29 10:56:00 EDT 2017
On Tuesday, July 18, 2017 at 2:18:55 PM UTC-4, johnwa... at yahoo.co.uk wrote:
> On Tuesday, 18 July 2017 16:41:46 UTC+1, Stephen Hoffman wrote:
> > On 2017-07-12 14:48:40 +0000, Neil Rieck said:
> >
>
> Highlights from the RedHat article at
> https://access.redhat.com/security/cve/cve-2017-7494
> "A malicious authenticated samba client, having write
> access to the samba share, could use this flaw to execute
> arbitrary code as root.
> [...]
> Mitigation
>
> Any of the following:
>
> 1. SELinux is enabled by default and our default policy prevents loading of modules from outside of samba's module directories and therefore blocks the exploit
>
> "
SECURE LINUX? Funniest thing I ever heard :)
More information about the Info-vax
mailing list