Samba vulnerability (CVE-2017-7494) "SambaCry"

Robert Leong

Scope

Venice and Linux-based servers.

Samba 3.5.0 onwards.

Fixes

Rohde & Schwarz patch for RHEL 6.2, 6.4 and 6.5, also upgrade Samba to version 4.2.10.

(19-Sep-2017 update)
www.dvsus.com/gold/venice/SambaCryFix_RHEL6.tgz
www.dvsus.com/gold/venice/TechNote_SambaCry_en_1_1.pdf

or

3rd party upgrade to Samba 4.6.4/4.5.10/4.4.14 and higher.

Workaround

If the patch cannot be applied, you may apply the workaround described at the link below. This config change prevents the use of named pipes, which should not harm the Venice workflows.

https://www.samba.org/samba/security/CVE-2017-7494.html

The smb.conf file is in /etc/samba/ and you'll need root permissions to edit it. Restart the Samba service after making the change.

To identify your installed Samba version:

# smbd -V
Version 3.6.6

Restart Samba

# service smb restart
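
The version check and the workaround above can be verified together with a short script; this is an added example, not part of the original article or a Rohde & Schwarz tool. The function names are hypothetical, and the `nt pipe support = no` setting in `[global]` is the workaround given in the samba.org advisory linked above.

```shell
#!/bin/sh
# Added example (not from the article): audit a host for CVE-2017-7494.
# Fixed releases 4.6.4 / 4.5.10 / 4.4.14 and the 3.5.0 lower bound come from
# the article; "nt pipe support = no" in [global] is the samba.org workaround.

# version_lt A B: succeed if dotted version A is strictly older than B.
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" |
         sort -t. -k1,1n -k2,2n -k3,3n | head -n1)" = "$1" ]
}

# samba_version_status VERSION: print not-affected, affected or fixed.
samba_version_status() {
    v=${1%%[!0-9.]*}                  # drop distro suffixes such as "-Debian"
    if version_lt "$v" 3.5.0; then echo not-affected; return; fi
    case $v in
        4.4.*) min=4.4.14 ;;
        4.5.*) min=4.5.10 ;;
        *)     min=4.6.4 ;;           # every other branch needs 4.6.4 or higher
    esac
    if version_lt "$v" "$min"; then echo affected; else echo fixed; fi
}

# pipes_disabled FILE: succeed if [global] sets "nt pipe support" to a false
# value. smb.conf names ignore case and whitespace; the last setting wins.
pipes_disabled() {
    awk '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/ { s = tolower($0); gsub(/[ \t]/, "", s)
                      in_global = (s == "[global]"); next }
        in_global && index($0, "=") {
            eq = index($0, "=")
            name = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", name)
            val = tolower(substr($0, eq + 1)); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name == "ntpipesupport") off = (val ~ /^(no|false|0)$/)
        }
        END { exit (off ? 0 : 1) }
    ' "$1"
}

# On a live host: report the version status and whether the workaround is set.
if command -v smbd >/dev/null 2>&1; then
    ver=$(smbd -V | awk '{print $2}')
    echo "smbd $ver: $(samba_version_status "$ver")"
    if pipes_disabled /etc/samba/smb.conf 2>/dev/null
    then echo "workaround: present"; else echo "workaround: absent"; fi
fi
```

A vendor build that backports the fix without moving to one of the listed releases still reads as affected by version number alone, so confirm such packages against their changelog. To account for include files, run `pipes_disabled` against the output of `testparm -s` saved to a file.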

 
