A critical vulnerability has been detected with Samba, affecting versions 3.5 and onwards.

If you’re using Samba to easily integrate between remote Unix and Windows environment, you may want to patch the software ASAP.

Here are more details of the detected vulnerability:

An exploit consisting of just one line of code is enough for an attacker to gain remote access of a Samba-operated machine.

A patch for 3.5 version onwards has been released and can be found here:

https://www.samba.org/samba/history/security.html

Alternatively, you can try the following workaround if you’d rather not update your Samba install for the time being:

Add “nt pipe support = no” as an argument to global section of the smb.conf file and then restart services.

Facebooktwittergoogle_plusredditpinterestlinkedinmail