Following on from the win xp bug that allowed remote execution..

I hope linux users have fixed their file sharing exploit..

CVE-2017-7494

Samba since version 3.5.0 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writeable share, and then cause the server to load and execute it.

version 3.5 onwards, so from 2010.

I wonder why all those eyes looking over open source code haven't spotted it earlier?

Reply to
dennis

Many Linux users (myself included) don't run Samba. You only need it if you want to network with Windows machines, which I don't.

Reply to
Chris Green

Or with any other consumer device (admittedly probably a limited number) that understands smb but not nfs.

SteveW

Reply to
Steve Walker

One of the few books I have read, 'The Cuckoo's Egg' (by Clifford Stoll), covered that sort of back door / exploit (in 1989).

They are too busy forking it all over the place. ;-)

Cheers, T i m

Reply to
T i m

or sshfs.

Reply to
The Natural Philosopher

I think you will find *most* linux users run samba and need the fix. The desktop linux market is tiny compared to NAS, etc.

Reply to
dennis

The linux zealots were saying it can't happen in open source because so many people can look at the source and that people shouldn't use windows because M$ can't possibly have enough people to find similar bugs.

Reply to
dennis

Well if you're including *all* Linux systems (not just desktops and laptops) then again I doubt if it's 'most' as the majority will be systems which again don't use samba/cifs. For example most domestic routers *don't* offer file sharing, nor do PVRs and other similar systems (the PVRs etc. might be clients). It's only NAS boxes that would have Samba servers and I bet they're quite rare compared with routers, PVRs, etc.

Reply to
Chris Green

In the article, dennis@home.? wrote:

Those same eyes fixed it within hours, complete transparency, no waiting for Microsoft and their closed source and a fix in the next Patch Tuesday if you're lucky.

My systems auto-updated themselves:

[root@nas1 log]# cat /var/log/messages-20170528 | grep samba
May 25 04:08:58 nas1 yum[4023]: Updated: samba-winbind-3.6.23-43.el6_9.x86_64
May 25 04:09:00 nas1 yum[4023]: Updated: samba-winbind-clients-3.6.23-43.el6_9.x86_64
May 25 04:09:19 nas1 yum[4023]: Updated: samba-common-3.6.23-43.el6_9.x86_64
May 25 04:09:30 nas1 yum[4023]: Updated: samba-3.6.23-43.el6_9.x86_64
May 25 04:09:42 nas1 yum[4023]: Updated: samba-client-3.6.23-43.el6_9.x86_64
May 25 05:15:59 nas1 yum[4321]: Updated: samba4-libs-4.2.10-10.el6_9.x86_64

Can be worked around with the addition of ONE line to smb.conf.

Nothing to see here, move along.

Reply to
Mike Tomlinson
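As an added example (not code from any post in this thread), a small Python checker for the one-line workaround Mike refers to: the Samba advisory for CVE-2017-7494 recommends adding `nt pipe support = no` to the [global] section of smb.conf. The script parses a constructed smb.conf, reports whether that setting is present, and lists the writeable shares, which are the precondition the advisory text quoted above describes; the share names and paths are made up for the example.

```python
import re

def _true(value):
    return value.strip().lower() in ("yes", "true", "1")

def parse_smb_conf(text):
    """Minimal smb.conf parser -> {section: {normalised_key: value}}."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":       # blank line or comment
            continue
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            section = m.group(1).strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, _, value = line.partition("=")
            # Samba parameter names are case-insensitive and ignore inner whitespace.
            conf[section][re.sub(r"\s+", "", key).lower()] = value.strip()
    return conf

def share_is_writable(params, global_params):
    """Effective writability: share settings override [global] defaults."""
    eff = {**global_params, **params}
    for k in ("writeable", "writable", "writeok"):   # Samba synonyms
        if k in eff:
            return _true(eff[k])
    if "readonly" in eff:
        return not _true(eff["readonly"])
    return False                                     # Samba default: read only = yes

def assess(text):
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    mitigated = glob.get("ntpipesupport", "yes").strip().lower() in ("no", "false", "0")
    writable = sorted(n for n, p in conf.items() if n != "global" and share_is_writable(p, glob))
    return {"nt_pipe_support_disabled": mitigated, "writable_shares": writable}

# Constructed sample smb.conf (not taken from any real host).
SAMPLE_CONF = """\
[global]
   nt pipe support = no
[homes]
   read only = no
[public]
   Read Only = yes
[backup]
   writeable = yes
"""
```

Note that distro packages such as the samba-3.6.23-43.el6_9 builds in the log above carry the fix as a backport, so a bare version-number check is not a reliable test; checking the running build or applying the smb.conf workaround is.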

And no server worth its salt on the public internet would run Samba either.

Samba is used when you have Windows PCs and OSX machines that need to access a local, usually corporate or domestic, NAS server.

Reply to
The Natural Philosopher

I run Samba on one server - the house file server. It also serves NFS, so the majority of systems in the house use that.

I have a Windows PC for work stuff (relatively rarely used) and so does SWMBO (same reason). I have another old one that runs the chip programmer and little else. One son has a Windows laptop and the other a Macbook. The Samba server is the domain controller, and so all profiles get backed up. Home directories on the server.

All completely firewalled off, and yes, I have also applied the latest fix.

Reply to
Bob Eager

That's a tad of an oversimplification.

The real position is that whenever any bug is found in Linux code, then *anyone* can fix it.

Whenever a bug is found in Microsoft (Windows) code, *only* Microsoft can fix it.

Reply to
Jethro_uk

Run XP - it's safer!!


Reply to
AnthonyL

Like they fixed the one in red hat where they reintroduced a bug that had been fixed a year or two earlier and then didn't notice for six months?

I doubt if there are many that can fix bugs in linux even if you limit it to just the kernel. It is not a few lines of code and very few understand it properly and even they put bugs in it.

Is that a problem? Other than for XP users?

Reply to
dennis

Lots of routers have samba servers, they use their USB ports to share disks and/or printers. They probably won't get a fix.

Reply to
dennis

M$ didn't suffer from this bug so you needn't have waited.

The M$ one also had a one tick workaround, in fact it has been advised for a long time to disable all the earlier versions of smb on windows.

The point here is that what is claimed about open source is not true and shouldn't be the only thing relied on for security.

Reply to
dennis

Oh look

"The worm then used a modified version of "EternalBlue," the advanced SMB exploit that was developed by the National Security Agency and leaked by the Shadow Brokers group, to install WCry on vulnerable computers. From there, WCry propagated from vulnerable machine to vulnerable machine inside local networks."

Which is what I said but everyone said it was emails.

Reply to
dennis

Lots, yes, but not most by any means.

Reply to
Chris Green

Well quite ... but we generally disregard the BS from all fanatics don't we. ;-)

Luckily, 'people' don't listen to the fanatics either and just carry on doing what they do because it generally works and works well (or presumably they would have already been using something else).

The main thing in the way of Linux is old skool Linux fanatics ... and once they have all died off, the new blood will allow it to be what it's been waiting to be for a while now, a useable / alternative desktop OS for many (warts and back-doors-n-all).

Cheers, T i m

Reply to
T i m

Like nuclear fusion, and flying cars, it's "just around the corner" ...

Reply to
Jethro_uk
