| Samba exploit – not quite WannaCry for Linux, but patch anyway! | | Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS. A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines. | All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability (CVE-2017-7494), allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 3.5.0 was released on March 1, 2010. Some experts are saying it is "Linux version of EternalBlue," used by the WannaCry ransomware. | The vulnerability is hell easy to exploit. Just one line of code is required to execute malicious code on the affected system (simple.create_pipe("/path/to/target.so")). The Samba exploit has already been ported to Metasploit, a penetration testing framework, enabling researchers as well as hackers to exploit this flaw easily. | The maintainers of Samba has already patched the issue in their new versions Samba versions 4.6.4/4.5.10/4.4.14, and are urging those using a vulnerable version of Samba to install the patch as soon as possible. If you can not upgrade to the latest versions of Samba, you can work around the vulnerability by adding "nt pipe support = no" to your Samba configuration file smb.conf. Samba maintainers have also provided patches for older and unsupported versions of Samba. | | |
|