Published June 1, 2017
Running Samba on your computer? Upgrade immediately to prevent a critical defect from compromising your system.
Samba is an open source suite that provides file and print services to SMB/CIFS clients. All versions of Samba from 3.5.0 onwards contain a remote code execution vulnerability that gives malicious clients the opportunity to upload shared libraries to writeable shares. Once loaded and executed on the server, this can result in a root shell for an attacker, leaving your system compromised.
To protect your system, upgrade your version of Samba. If you can't find the right patch on Samba's website, the following workaround can be used:
Add the parameter:
nt pipe support = no
to the [global] section or your smb.conf and restart smbd.
These steps prevent clients from accessing named pipe endpoints, which eliminates the aforementioned vulnerability, but may disable some functionality for Windows clients.
“UB does some blocking to protect systems from this exploit, but anyone running Samba should apply vendor patches as soon as practical,” said Jeff Murphy, UB Interim Information Security Officer.
If you suspect that your UB computer has been compromised, contact the UB Information Security Office at firstname.lastname@example.org.