Modernizing Authentication — What It Takes to Transform Secure Access
"The vulnerability was discovered by security researcher Brian Gorenc and an unnamed colleague, working for the Zero Day Initiative," The H Security reports.
"The vulnerability is identified as CVE-2012-1182 and is located in Samba's code that handles the processing of RPC (remote procedure call) requests, particularly their translation into a NDR (Network Data Representation) format," writes InfoWorld's Lucian Constantin. "A client can send a specially crafted RPC call to a Samba server in order to exploit the vulnerability and execute unauthorized code with administrative privileges (root) on the system."
"Nicholas Percoco, senior VP and head of Trustwave SpiderLabs, says the flaw affects anyone who has embedded Linux-based appliances that use Samba for file sharing, such as network-attached storage (NAS), print servers, and printers," writes InformationWeek's Kelly Jackson Higgins. "While these devices tend to run in an intranet rather than over the big Internet, the main risk would be from a sophisticated targeted attack or a malicious insider, he says."
"SpiderLabs claims that a 'high-quality' proof of concept has been released into the wild, and that it makes exploiting the vulnerability as simple as pointing and clicking," warns ZDNet's Michael Lee.