smb2www Update for Debian
Posted on: 12/05/2002 12:24 PM
A new security update for Debian GNU/Linux has been released:DSA-203-1 smb2www -- arbitrary command execution
Robert Luberda found a security problem in smb2www, a Windows Network client that is accessible through a web browser. This could lead a remote attacker to execute arbitrary programs under the user id www-data on the host where smb2www is running.Read more
This problem has been fixed in version 980804-16.1 for the current stable distribution (woody), in version 980804-8.1 of the old stable distribution (potato) and in version 980804-17 for the unstable distribution (sid).
We recommend that you upgrade your smb2www package immediately.