OS X still open to Samba vulnerabilities
Following up some recent patches to Samba, the open-source file-sharing system compatible with Windows file sharing, Symantec found some disturbing results: at least one *NIX variant, Mac OS X, is still vulnerable.
The heap-corruption vulnerabilities affected Samba 3.0.25rc3 and earlier versions, and exploit code was quickly made available. Symantec says that the current, fully-patched version of Mac OS X 10.4.9 runs Samba 3.0.10, originally released in 2005. It does not run by default, but does run if the user activates Windows Sharing. Symantec calls exploitation of this version of Samba on OS X "fairly trivial."
At PC Mag.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.