Security flaw found in Samba networking software

Recently, a security flaw was discovered in Samba networking software by Steelo of Samba Security team, which is quite similar to SMB exploit in Linux and Windows.

The flaw is nothing but the critical remote code execution vulnerability, which could allow a remote attacker to hack into flaw-affected Linux and Unix machines.

Being an open-source software, Samba works on major operating systems including Linux and Windows. This software could allow Linux or Mac OS X users to share network shared folders, files and printers with Windows operating user.

WHAT IS THE FLAW?

The flaw (CVE-2017-7494), which was recently discovered, affects all versions of Samba released after 1 March 2010.

"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," as the flaw founders wrote in the advisory report.

Further in their report, they wrote, "Additionally, Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible."

According to Shodan computer search engine, around 4,85,000 Samba-enabled computers have exposed port 445 on the Internet. Also, security researchers have warned this flaw as most dangerous by saying it as Linux version of EternalBlue. None can forget the havoc caused by WannaCry ransomware.

Since this flaw led to Linux-based WannaCry, it will eventually create another buzz on the Internet. So, it's the time for upgradation. Not just Linux, every operating system users have to upgrade regularly as soon as the manufacturer releases the update.

Samba maintainers have also provided patches for older and unsupported versions of Samba. However,  Netgear have released a security advisory for CVE-2017-7494, saying a large number of its routers and NAS product models are affected by the flaw because they use Samba version 3.5.0 or later.


Tags:

linux at risk ransomware news samba networking software news

Categories