On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> Bugged net utility from samba package/
> ktrace is attached
PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file too).
in case you don't figure, you send to everyone a trace of all syscalls with
arguments and return of what the program did, including:
- file description and content for any opened file (hello
/var/samba/private/secrets.tdb and /etc/samba/smb.conf)
- all network communication with the program (hello ldap, kerberos and smb
services)
It means that any secrets in readed file or sent/received on the network should
be considered compromised.
Just don't do that.
Thanks.
--
Sebastien Marie
No comments:
Post a Comment