May
30
Samba vulnerability affects Mac OS X
Filed Under (Mac Os X) by admin on 30-05-2007
Share: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • Netvouz
  • NewsVine
  • StumbleUpon
  • Technorati
  • Reddit
  • Slashdot

Symantec has alerted users of Mac OS X to a flaw in the version of Samba - used for sharing Mac OS X files with Windows computers - that’s included with the operating system.
Samba is a open-source software that allows Mac users to enable file and print-sharing functions with Windows users.

The bug, which was discovered earlier this month, has been successfully exploited by a security team of Symantec that routinely test vulnerabilities in several Linux distributions: “The Deepsight Threat Analyst Team successfully exploited the heap corruption vulnerability on a fully patched Mac OS X 10.4.9 system running the default Samba 3.0.10 application,” Symantec say. “Exploitation differs from what has been demonstrated in public exploits; however, it is likely that other researchers would be capable of quickly overcoming the technical quirks associated with the platform.

Although Mac OS X doesn’t turn on Samba by default, sharing a network with Windows machines could leave users open to attacks. Because Apple has not released a Samba update since 2005, users must upgrade to the latest, and secure version, themselves.

Mac OS X users are advised to download and install the latest version of Samba 3.0.25 from the official web site,” Symantec says. “If this is not possible, the Windows Sharing service should be disabled until Apple issues an official update via the Software Update service.

Read More      

You must be logged in to post a comment.