The Inquirer-Home

Samba hit by remote code execution vulnerability

Samba got tangoed
Tue Aug 05 2014, 13:06
Samba hit by remote code execution vulnerability

THE SAMBA PROTOCOL has been flagged as having a major vulnerability that could allow intruders to gain superuser permissions on network devices.

Samba is an open source implementation of the SMB protocol used by Microsoft Windows machines to enable file sharing and transfer between machines. Implementations of the SAMBA protocol on machines running other operating systems allow seamless transfer to and from these machines too.

A fault in the nmbd NetBIOS name service daemon causes memory operations to be mishandled by Samba. This can provide back doors for hackers to exploit the bug as part of wider attacks.

An advisory issued this week under the summary title "Samba 4.0.0 to 4.1.10 are affected by a remote code execution attack on unauthenticated nmbd NetBIOS name services" explained, "A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root)."

The problem was discovered and repaired by Volker Lendecke, a Samba Team member working for Sernet in Germany.

A patch has been issued to address the problem, along with new Samba versions 4.1.11 and 4.0.21 to correct the problem. The new Samba versions will need to be compiled into new firmware versions for equipment such as NAS drives, and users are advised to avoid any processes involving the NetBIOS nmbd daemon until a fix is put in place.

It has been a dark year for software vulnerabilities so far with OpenSSL, Steam, and the perennial favourite Microsoft's Internet Explorer web browser among a string of high profile targets. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Existing User
Please fill in the field below to receive your profile link.
Sign-up for the INQBot weekly newsletter
Click here
INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?