Wednesday, February 25, 2015

Samba Remote Code Execution Vulnerability


An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user)

For more details about the vulnerability or information on updating your Samba connections, see
CVE Page: https://access.redhat.com/security/cve/CVE-2015-0240
KCS Article: https://access.redhat.com/articles/1346913
KCS Solution: https://access.redhat.com/solutions/1351573 

Workaround / Advices
It is recommended to update to the latest software patches.

Other references:
Please refer to the TNAS report 24 February 2015 (Ref: 24022015-02) for additional information
Samba - https://www.samba.org/samba/security/CVE-2015-0240
US-Cert - https://www.us-cert.gov/ncas/current-activity/2015/02/24/Samba-Remote-Code-Execution-Vulnerability
Tripwire - http://www.tripwire.com/state-of-security/vulnerability-management/vert-threat-alert-samba-remote-code-execution/

No comments: