• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

*nix Administrators Should Patch Samba ASAP

April 12, 2012 By Corey Nachreiner

Unless you’re an eagle-eyed, super perceptive Linux administrator, you may have missed the major update the Samba team quietly released during this week’s busy Microsoft and Adobe Patch Day. However, if you use Samba, you’ll want to apply this update post-haste.

If you’re not familiar with it, Samba is a *nix variant of the Microsoft SMB protocol, which Windows uses for file and print sharing. If you have Linux systems and access Windows shares, you use Samba.

According to a security advisory, Samba versions 3.0.x through 3.6.3 suffer from a serious security vulnerability involving the way they handle specially crafted RPC calls. By sending maliciously crafted network traffic to a Samba-enabled computer, a remote, unauthenticated attacker can leverage this vulnerability to gain complete control of that machine with root privileges. This is an extremely critical vulnerability since the attacker doesn’t have to authenticate, and gains full privileges on the victim machine.

The only good news is most administrators don’t expose their SMB file shares (ports 137, 138, 139, and 445) to the Internet. If you have a firewall, or one of our XTM appliances, it blocks external attackers from accessing these ports by default. Nonetheless, this serious flaw still poses a very significant internal threat. If you use Samba on any *nix machines, you should download and deploy the appropriate Samba updates immediately. Fixed versions include:

  • 3.6.4
  • 3.5.14
  • 3.4.16

You can find more details about these patches, and where to get them, in the “Patch Availability” section of Samba’s advisory. — Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: linux, remote root, Samba, Updates and patches

Comments

  1. google.com says

    June 14, 2014 at 12:10 am

    Definitely consider that which you said. Your favourite justification seemed to be on the internet the easiest factor to be mindful
    of. I say to you, I definitely get irked even as other folks
    think about worries that they just do not understand about.
    You controlled to hit the nail upon the highest and also defined out the entire
    thing with no need side-effects , folks can take a signal.

    Will likely be back to get more. Thank you

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use