UPDATED 23:07 EST / MAY 25 2017

INFRA

Samba patches bug that allows hackers to upload malicious files

The administrators behind the open-source Samba software platform have issued an emergency patch for a security hole that potentially could allow hackers to upload malicious files to vulnerable servers running the software.

The vulnerability – CVE-2017-7494 – affects versions 3.5 and onwards of the software, which is used on Linux and Unix servers to provide Windows-based file and print services. It involves a critical remote code execution vulnerability that can be exploited by malicious client systems to upload and execute a shared code library from a writable shared folder on a server running Samba. Security firm Rapid7 Inc. told SiliconANGLE that it had discovered more than 104,000 endpoints, or devices, exposed on the Internet that appear to be running vulnerable versions of Samba, with almost 90 percent running versions that are potentially vulnerable and for which there was no direct patch available at the time they ran the test.

“We believe these vulnerable systems are likely conduits into organization networks; but it’s also likely that many of these devices are personal, IoT devices,” Rapid7’s lead data scientist Bob Rudis said. “Many home and corporate network storage systems run Samba and it’s very straightforward to enable the Samba service on any Linux endpoint. Organizations should be reviewing their official asset and configuration management systems to immediately identify vulnerable systems and then perform comprehensive and regular full network vulnerability scans to identify misconfigured or rogue systems.”

A workaround for the flaw is possible. As administrators can turn off support for interprocess communications used by older Windows operating systems such as NT, 2000 and XP in the main Samba configuration file, immediately putting an end to the risk. The patch, released by Samba Thursday, is available for all supported versions of the software, along with a number of, but not all, older unsupported versions.

Photo: JIP/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU