Any known exploit for the samba 2.2.2-2.2.6 encrypted password vuln?

["Neulinger, Nathan" <nneul () umr edu>]

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul () umr edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216


-----Original Message-----
From: Dave Ahmad [mailto:da () securityfocus com] 
Sent: Wednesday, January 08, 2003 4:02 PM
To: Neulinger, Nathan
Subject: Re: Any known exploit for the samba 2.2.2-2.2.6 encrypted
password vuln?



Hi Nathan,

Send this message to the INCIDENTS mailing list. The address is
incidents () securityfocus com.

David Mirza Ahmad
Symantec

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB  AB F0 1E 67 C6 1A 26 00 57 12

On Wed, 8 Jan 2003, Neulinger, Nathan wrote:

> I'm trying to track down how a server got rooted, and running up
against
> dead ends for any remote vulnerabilities.
>
> Only unusual service running on the machine was smb-2.2.4
authenticating
> against an ADS server.
>
> -- Nathan
>
> ------------------------------------------------------------
> Nathan Neulinger                       EMail:  nneul () umr edu
> University of Missouri - Rolla         Phone: (573) 341-4841
> Computing Services                       Fax: (573) 341-4216


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com