I usually don't miss things BUT

Laurent Blume laurent at opencsw.org
Fri Apr 15 16:02:22 CEST 2016


Le 2016/04/15 15:57 +0200, Cmh a écrit:
> Thanks for that info, but I still am not sure I need to do anything
> regarding the samba badlock issue.
> It appears to be A Windows issue only.

It's a protocol flaw, not an implementation error, so basically,
anything using the protocol is at risk.

> I have searched and asked and can't get an answer to confirm or deny that.
> The good news is that samba can only be accessed internally, not outside
> network connections.

Pretty much, yes. It's a real issue, but it was overhyped from the
start. Nobody in their right mind does CIFS over the internet, and if
someone is in the position of doing an MITM in your local network, then
you have some issues already. Still, it ought to be patched.

Laurent


More information about the users mailing list