Samba warns users about security misstep

A potentially critical flaw in earlier versions of the open-source Samba file server product has prompted the developer to warn users to “immediately” upgrade to the latest version.

Samba – a Windows server alternative designed for Unix and Linux servers – is a freely available open source software suite which enables file and print services to Server Message Block/Common Internet File System (SMB/CIFS) clients.

The Samba organization reported Tuesday that the security flaw appears in versions 2.0.x to 2.2.7a of the software, and recommended users upgrade immediately to version 2.2.8.

Unchecked, the flaw enables unauthorized users unrestricted privileges and remote access to the server running Samba.

If users, Samba noted, are unable to upgrade machines currently running the Samba server, they should block access to TCP (Transmission Control Protocol) ports 139 and 444.

The latest Samba release can be found at:

The Samba team also said that the SMB/CIFS protocol implemented by Samba is vulnerable to many attacks, even without specific security holes. The TCP ports 139 and the new port 445 used by Windows 2000, and the Samba 3.0 alpha code in particular, should never be exposed to untrusted networks, the group said.

– With files from IDG News Service

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Stemming the tide of cybercrime

By: Derek Manky Technology continues to play a significant role in accelerating...

Power through a work-from-anywhere lifestyle with the LG gram

“The right tool for the right job” is an old adage...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now