Thousands of Linux devices are vulnerable!

Samba is a free software re-implementation of the SMB networking protocol and provide file and print services for different Microsoft Windows clients. The name originates from the SMB (Server Message Block) protocol which is used by the Microsoft Windows network file system.

A security vulnerability (CVE-2017-7494) has been discovered in the software version 3.5.0 and later, that can allow a hacker with write access to execute code remotely and take control of the affected Linux and Unix devices.

Samba said:
“All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it,”

This flaw could allow an attacker to upload a shared library to a writeable share on affected Samba server and that end with executing the uploaded file on the server. The Samba exploit has been added to Metasploit, so researchers and hackers can now exploit this vulnerability easily.

The vulnerability has been fixed in the new release patch. Also, there is a quick fix that you can do within the configuration of the software itself to prevent the exploit by adding the argument “nt pipe support = no” to the global part of the “smb.conf” file and restart the service.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients