Samba exploit could put some Mac OS X users at risk to attack

Apple Store“Hackers can attack Apple Inc.’s Mac OS X by exploiting an unpatched vulnerability in the open-source Samba file- and print-sharing software that’s included with the operating system, Symantec Inc. said Monday,” Computerworld reports.

“Samba, which is enabled when Mac users turn on the Windows Sharing feature that allows Microsoft Corp. customers to access files and printers on a Mac network, was pegged with multiple heap-based buffer overflow bugs earlier this month. Exploits have been released by penetration test suppliers Immunity Inc. and the Metasploit Project that target the vulnerabilities on several Linux distributions,” Computerworld reports.

“Although Mac OS X doesn’t turn on Samba by default, Macs that share a network with Windows PCs could be at risk, Symantec warned. Because Apple has not released a Samba update since 2005, users must upgrade to the latest, and secure version, themselves,” Computerworld reports. “‘Mac OS X users are advised to download and install the latest version of Samba 3.0.25 from the official website (more info and download links here),’ said Symantec. ‘If this is not possible, the Windows Sharing service should be disabled until Apple issues an official update via the Software Update service.'”

Full article with links here.

[Thanks to MacDailyNews Reader “qka” for the heads up.]

47 Comments

  1. This one is very real. We experienced an attack using this exploit over the weekend. The attacker was able to obtain my usernames from Open Directories. They weren’t able to crack the passwords however, and weren’t able to gain access to the system. We shut down Windows sharing on the server.

  2. So, I hate to be a weenie, but there is no precompiled SAMBA updates for OS X on the SAMBA news site, and since the latest version is 3.0.25a should I even be considering putting this on my computer?

    Just wondering.

  3. It’s kind of interesting that since Apple came out with the latest Security update last week, I’ve been hearing from my fellow Mac users complaining about their Safari always crashing. It’s funny that we don’t read anything about that here. Oops, I guess we are now. ” width=”19″ height=”19″ alt=”grin” style=”border:0;” />

    As far as Samba, yes, Apple. Make a patch for all of us Mac users that need to work with Windows. Thank you.

    –Rudge

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.