Mailinglist Archive: opensuse (1256 mails)

< Previous Next >
Re: [opensuse] Samba Worm Alert!
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Thu, 01 Jun 2017 20:49:49 +0200
  • Message-id: <ogpnkd$70q$1@saturn.local.net>
Lew Wolfgang wrote:

Hi Folks,

It looks like samba has a remote-root-wormable vulnerability, present
in all versions for the past seven years.


https://arstechnica.com/security/2017/05/a-wormable-code-execution-bug-has-lurked-in-samba-for-7-years-patch-now/

Note that a work-around is setting this in /etc/samba/smb.conf:

nt pipe support = no

Then restart smbd.

While the workaround is fine, what about all those routers and NAS
boxes out there that will never get updated?

Routers with samba? The NAS boxes - if people make them available on
the net, well. Run owncloud or some such on them.



--
Per Jessen, Zürich (21.6°C)
http://www.hostsuisse.com/ - dedicated server rental in Switzerland.


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References