First WannaCry, Now SambaCry

Now its turn for SambaCry

Hello Friends!! Earlier the whole world trying to be secure from WannaCrypt Vulnerability (Known as WannaCrypt 
or WannaCry), Now Samba announces a vulnerability that is very critical for Samba Servers configured in various 
oraganisations all over the world.

What is SambaCry?

SambaCry is remote code execution vulnerability (CVE-2017-7494) for Samba Servers in linux environment. 
 
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, 
allowing a malicious client to upload a shared library to a writable share, and then cause the server to load
and execute it." - Samba.org
 
Samba released a patch addressing the effect to not harm your system. These patches can be downloaded by the
link - 
http://www.samba.org/samba/security/
 
Here I remembers one dialogue from Bollywood Movie SHOLAY in which Gabbar(Villain) 
says - "Are O Samba, Kitna inaam rakhi hai re sarkar hum par" and samba replies - 
"Sardar. Pure Pachaas Hajaar (50K)". 

But Now Samba saying this- Upgrade or Run the downloaded patches to secure yourself.

I suggest to all my viewers who are samba administrators to run these patches 
downloaded or just upgrade online it to be secure.  If you can’t apply the patch 
at the moment, the workaround is to add the parameter "nt pipe support = no" to the 
[global] section of your smb.conf and restart smbd. This can disable some expected 
functionality for Windows clients.

Be Safe and Secure.

Dev Tanwer

Devender is a Java Developer and a techno-blogger as well. He is working as a Java Developer since last 4 Years. Working as a techno-part, his aim is to provide technology each and every hand of the world.