Samba bug in OS X allows hackers root access
Posted by Lab Rat
According to PC World, Symantec raised its warning level for Mac users this week on a Samba exploit first discovered in May of this year, after finding that the exploit has been uploaded to the Metasploit hacking framework. Although Samba’s developers released a fix a day after the discovery, Apple has yet to patch the hole.
The exploit can allegedly allow a hacker to gain root access to a Mac which is running Samba. Samba is turned on in Macs when a user checks the “Windows File Sharing” checkbox in the System Preferences’ “Sharing” panel. Symantec suggests Mac users uncheck that box until Apple releases a patch (not exactly the solution many of us on mixed networks would like to hear).
Thanks to faithful Macenstein reader Walter for the tip!
When you say “Hacker”, what exactly are we talking about here? A hacker sitting at my Mac, or a web browser surfing to a page that a hacker set up to use this exploit?
I have Windows File Sharing turned on now and pretty much need it turned on all the time. It would be nice to know what level of security risk this really is.
Thanks
I think we’re talking a guy sitting across the internet cafe from you. They mentioned gaining access via Wi-Fi in particular as a danger, so I think someone needs to exploit this manually instead of via a malicious website, although the Metasploit framework thing also means robots are likely able to be set up to exploit it as well, so in answer to your question, I don’t know.
🙂
The point here is if a patch has been available for 3 months, why hasn’t Apple released it?
-The Doc
Not that this is an excuse for them, but they have been rather busy with the iPhone and Leopard. Plus, I suspect they don’t worry about problems like this one compared to problems where a user going to a website can be taken over or such.
It’s good to know that this isn’t an exploit where someone can hit me from thousands of miles away. Since I never use my MacBook in Internet cafes and such, I’m not too worried about this one.
I know there are others that do and they probably should be worried, however, they probably don’t need to have Windows sharing turned on when they are in an Internet Cafe either.
Thanks for the clarification. I did pop over to the story after I posted the comment. The story wasn’t much clearer, but it was enough to help.
If you don’t use Windows File Sharing regularly, then you really should have it disabled until you need it and then disable it after use.