Lew Wolfgang wrote:
Hi Folks,
It looks like samba has a remote-root-wormable vulnerability, present in all versions for the past seven years.
https://arstechnica.com/security/2017/05/a-wormable-code-execution-bug-has-l...
Note that a work-around is setting this in /etc/samba/smb.conf:
nt pipe support = no
Then restart smbd.
While the workaround is fine, what about all those routers and NAS boxes out there that will never get updated?
Routers with samba? The NAS boxes - if people make them available on the net, well. Run owncloud or some such on them. -- Per Jessen, Zürich (21.6°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org