
Submission: A wormable code-execution bug has lurked in Samba for 7 years. Patch now! (arstechnica.com)

williamyf writes: As reported in Ars Technica, a wormable bug has remained undetected for seven years in Samba versions 3.5.0 onwards. From the article:

Dan Tentler, founder of security firm Phobos Group, told Ars that more than 477,000 Samba-enabled computers exposed port 445, although it wasn't clear how many of them were running a vulnerable version of the utility. Tentler cited figures returned by the Shodan computer search engine. Researchers with security firm Rapid7, meanwhile, said they detected 110,000 devices exposed on the internet that appeared to run vulnerable versions of Samba. 92,500 of them appeared to run unsupported versions of Samba for which no patch was available.

Fortunately, there is a mitigation. Again, from the article:

Those who are unable to patch immediately can work around the vulnerability by adding the line

nt pipe support = no

to their Samba configuration file and restarting the network's SMB daemon. The change will prevent clients from fully accessing some network computers and may disable some expected functions for connected Windows machines.

The patch came in fast, but the "Many eyes" took seven years to "make the bug shallow".
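
A way to confirm the workaround quoted above is actually in effect, as an added example (not code from the submission, Ars Technica or the Samba project): a small Python check that reads smb.conf text and reports whether "nt pipe support" resolves to a false value in [global]. It does not follow include directives, and the sample configurations are constructed.

```python
import re

FALSE_VALUES = {"no", "false", "0"}  # false booleans documented in smb.conf(5)

def _norm(name):
    # Samba ignores case and whitespace in section and parameter names.
    return re.sub(r"\s+", "", name).lower()

def _logical_lines(text):
    # Drop comment lines and join lines that end in a backslash.
    pending = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not pending and line[:1] in ("#", ";"):
            continue
        line = pending + line
        if line.endswith("\\"):
            pending = line[:-1]
        else:
            pending = ""
            yield line
    if pending:
        yield pending

def nt_pipe_support_disabled(conf_text):
    """True only if [global] ends up with 'nt pipe support' set to false."""
    section, disabled = None, False  # the parameter defaults to yes
    for line in _logical_lines(conf_text):
        if line.startswith("[") and line.endswith("]"):
            section = _norm(line[1:-1])
            continue
        name, sep, value = line.partition("=")
        # Assumption: only [global] is honoured; a copy in a share section
        # or above the first header is treated as not applying.
        if sep and section == "global" and _norm(name) == "ntpipesupport":
            disabled = value.strip().lower() in FALSE_VALUES  # last wins
    return disabled

# Constructed sample files, not taken from the page.
WRONG_SECTION = "[global]\n workgroup = LAB\n[docs]\n path = /srv/docs\n nt pipe support = no\n"
MITIGATED = "[Global]\n ; workaround\n NT Pipe  Support = No\n"
REVERTED = MITIGATED + "nt pipe support = yes\n"

if __name__ == "__main__":
    for label, conf in [("wrong section", WRONG_SECTION),
                        ("mitigated", MITIGATED), ("reverted", REVERTED)]:
        print(label, "->", nt_pipe_support_disabled(conf))
```

The check only reads the file; the daemon still has to be restarted for a changed setting to take effect, as the quoted article says.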
