Full Disclosure mailing list archives
Re: Samba Remote Zero-Day Exploit
From: "Stefan Kanthak" <stefan.kanthak () nexgo de>
Date: Mon, 8 Feb 2010 22:33:28 +0100
Michael Wojcik wrote:
> > From: Stefan Kanthak [mailto:stefan.kanthak () nexgo de]
> > Sent: Saturday, 06 February, 2010 08:21
> >
> > Dan Kaminsky wrote:
> > [...]
> > > (On a side note, you're not going to see this sort of symlink stuff on Windows,
> >
> > What exactly do you mean? Traversing symlinks on the server/share, or creation of "wide" symlinks by the client on the server/share?
> > Since Windows 2000 NTFS supports "junctions", which pretty much resemble Unix symlinks, but only for directories. See <http://support.microsoft.com/kb/205524/en-us>
>
> And at least since Vista, it also supports symlinks, which are designed

s/at least//

[ well-known facts snipped ]

> The Windows SMB server apparently won't cross reparse points, though, so there's no equivalent vulnerability.

NO, Windows SMB server crosses reparse points! But as Dan Kaminsky pointed out, you need to have administrative rights to remotely create a junction on an SMB share, so the non-admin user can't get himself access to files outside a share he's allowed to access.

Stefan