smb2www Update for Debian
Posted on: 12/05/2002 11:24 AM

A new security update for Debian GNU/Linux has been released:

DSA-203-1 smb2www -- arbitrary command execution
Robert Luberda found a security problem in smb2www, a Windows Network client that is accessible through a web browser. This could lead a remote attacker to execute arbitrary programs under the user id www-data on the host where smb2www is running.

This problem has been fixed in version 980804-16.1 for the current stable distribution (woody), in version 980804-8.1 of the old stable distribution (potato) and in version 980804-17 for the unstable distribution (sid).

We recommend that you upgrade your smb2www package immediately.


Read more




Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/smb2www_update_for_debian.html)