New Samba Vulnerability?

Slashdot is running a thread on a new Samba vulnerability which Digital Defense discovered. This comment by Jeremy Allison of the Samba team is one of the best reasons why event-based IDS data can fail, and should be reinforced by collecting session and full content data. He's responding to a challenge to prove he has unreleased exploits for Microsoft SMB/CIFS:


If you put one of your Windows servers on a network
I had access to I would be able to show you. I will
not release the code publicly (for obvious reasons).
Knowledge of these bugs would allow worms/viruses to
utterly cripple Microsoft based corporate networks.


If you choose not to believe me without exploit code
then that's up to you, but I will not act in an
unprofessional way to prove a point.


Jeremy Allison,
Samba Team.

Comments

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics