April 16, 201214 yr SAMBA recently announced a security vulnerability that allows remote root execution from an anonymous (un-authenticated) connection. https://www.samba.org/samba/security/CVE-2012-1182 =========================================================== == Subject: "root" credential remote code execution. == == CVE ID#: CVE-2012-1182 == == Versions: Samba 3.0.x - 3.6.3 (inclusive) == == Summary: Samba 3.0.x to 3.6.3 are affected by a == vulnerability that allows remote code == execution as the "root" user. == =========================================================== Is unRaid also affecated? Probably not that big a deal for unRaid as in most environments it won't be exposed to users that would want to gain unauthorized access.
April 16, 201214 yr Because like the summary already says that every Version from 3.0.x up to 3.6.3 is affectedm, also unRaid is vulnarable to it. But you already said ist, unRaid is meant to be a Storage Server in a controlled environment, and it is never a good idea to share SMB connections via internet.
Archived
This topic is now archived and is closed to further replies.