Hello Friends!! Earlier the whole world trying to be secure from WannaCrypt Vulnerability (Known as WannaCrypt
or WannaCry), Now Samba announces a vulnerability that is very critical for Samba Servers configured in various
oraganisations all over the world.
What is SambaCry?
SambaCry is remote code execution vulnerability (CVE-2017-7494) for Samba Servers in linux environment.
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability,
allowing a malicious client to upload a shared library to a writable share, and then cause the server to load
and execute it." - Samba.org
Samba released a patch addressing the effect to not harm your system. These patches can be downloaded by the
link -
http://www.samba.org/samba/security/
Here I remembers one dialogue from Bollywood Movie SHOLAY in which Gabbar(Villain)
says - "Are O Samba, Kitna inaam rakhi hai re sarkar hum par" and samba replies -
"Sardar. Pure Pachaas Hajaar (50K)".
But Now Samba saying this- Upgrade or Run the downloaded patches to secure yourself.
I suggest to all my viewers who are samba administrators to run these patches
downloaded or just upgrade online it to be secure. If you can’t apply the patch
at the moment, the workaround is to add the parameter "nt pipe support = no" to the
[global] section of your smb.conf
and restart smbd
. This can disable some expected
functionality for Windows clients.
Be Safe and Secure.
No comments:
Post a Comment