I hope Linux users have fixed their file sharing exploit.
Samba since version 3.5.0 is vulnerable to a remote code execution
vulnerability, allowing a malicious client to upload a shared library to
a writeable share, and then cause the server to load and execute it.
Version 3.5 onwards, so from 2010.
I wonder why all those eyes looking over open source code haven't
spotted it earlier?
Well if you're including *all* Linux systems (not just desktops and
laptops) then again I doubt if it's 'most' as the majority will be
systems which again don't use Samba/CIFS. For example most domestic
routers *don't* offer file sharing, nor do PVRs and other similar
systems (the PVRs etc. might be clients). It's only NAS boxes that
would have Samba servers and I bet they're quite rare compared with
routers, PVRs, etc.
On Wed, 31 May 2017 09:43:13 +0100, The Natural Philosopher wrote:
I run Samba on one server - the house file server. It also serves NFS, so
the majority of systems in the house use that.
I have a Windows PC for work stuff (relatively rarely used) and so does
SWMBO (same reason). I have another old one that runs the chip programmer
and little else. One son has a Windows laptop and the other a Macbook.
The Samba server is the domain controller, and so all profiles get backed
up. Home directories on the server.
All completely firewalled off, and yes, I have also applied the latest
My posts are my copyright and if @diy_forums or Home Owners' Hub
wish to copy them they can pay me £1 a message.
And the bug isn't in the server side, it's in the WINDOWS CLIENT.
As long as you are not running Windows sharing on a Windows desktop, you
So all this discussion about Linux servers and Samba is a complete red
New Socialism consists essentially in being seen to have your heart in
the right place whilst your head is in the clouds and your hand is in
Nobody in their right mind opens TCP/445 (or 138, 139) from the
internet, but you're vulnerable from any other infected machine on your LAN.
Windows 7 and above *is* slightly more sensible about bringing up/down
the firewall depending whether it considers you're on a network that's
part of a domain your machine is joined to, or at home (likely behind
NAT) or on a park bench sniffing free Wi-Fi.