Security Incidents mailing list archives

Re: msamba

From: Nikola Pepelishev <cmage () mtel net>
Date: Tue, 22 Apr 2003 11:12:00 +0300

On Mon, 21 Apr 2003 12:41:27 -0300 (ADT)
Steve Bromwich <incident () fop ns ca> wrote:

[snip]

I picked up the copy of msamba and had a look at it; it looks like it's
exploiting the recent samba bug for a wide variety of platforms (*BSD,
SuSE, Slackware, Redhat, Mandrake, Gentoo and Debian).


[snip]

Probably it should be noted that binaries in this tgz are infected with Linux.Osf.8759 according to Kaspersky Antivirus:

osslscan infected: Linux.Osf.8759
sambalx infected: Linux.Osf.8759
scan infected: Linux.Osf.8759
serv ok.

More info about Linux.Osf.8759 can be found here: http://www.viruslibrary.com/virusinfo/Linux.OSF.8759.htm


Regards,
-- 
Nikola Pepelishev
System Administrator @ Mobiltel EAD
Data Services Division
e-mail: cmage () mtel net

----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place. http://www.securityfocus.com/BlackHat-incidents 
----------------------------------------------------------------------------

Current thread:

msamba Steve Bromwich (Apr 21)
- Re: msamba Paulo Abrantes (Apr 21)
- Re: msamba William Salusky (Apr 22)
  - Re: msamba noconflic (Apr 22)
- Re: msamba Nikola Pepelishev (Apr 22)
- Re: msamba Steve Bromwich (Apr 22)
  - Re: msamba noconflic (Apr 23)
    - Re: msamba Tobias Klein (Apr 25)