Samba critical defect: upgrade to prevent

Faculty on computer.

Article by Dan Heuskin  

Published June 1, 2017 This content is archived.

Running Samba on your computer? Upgrade immediately to prevent a critical defect from compromising your system.

Print

Photo

Dan.

Daniel Heuskin (UB Student, Class of 2017) is originally from Long Island, NY. He is studying English at UB with aspirations to become a teacher or writer. In his free time, he enjoys playing bass guitar, doing nature photography, writing songs and reading.

Samba is an open source suite that provides file and print services to SMB/CIFS clients. All versions of Samba from 3.5.0 onwards contain a remote code execution vulnerability that gives malicious clients the opportunity to upload shared libraries to writeable shares. Once loaded and executed on the server, this can result in a root shell for an attacker, leaving your system compromised.

To protect your system, upgrade your version of Samba. If you can't find the right patch on Samba's website, the following workaround can be used:

Add the parameter:

nt pipe support = no

to the [global] section or your smb.conf and restart smbd.

These steps prevent clients from accessing named pipe endpoints, which eliminates the aforementioned vulnerability, but may disable some functionality for Windows clients.

“UB does some blocking to protect systems from this exploit, but anyone running Samba should apply vendor patches as soon as practical,” said Jeff Murphy, UB Interim Information Security Officer.

Get help

If you suspect that your UB computer has been compromised, contact the UB Information Security Office at sec-office@buffalo.edu.

Find Samba Security Releases