SAMBA Vuln Could Be Dangerous

If you are not already looking at the newest SAMBA issue, you should be paying attention. It is a stack-based buffer overflow, exploitable remotely without credentials. The Metasploit folks are already hard at work on an exploit, and some versions are rumored to be floating about the underground.

The vulnerability exists in OS X, Linux and a variety of appliance platforms using the core SAMBA code. Updates are starting to roll into the primary distributions and OS images. Ubuntu, for example, already has a fixed version available.

You can read the SAMBA folks' release here for more information.

Wide-scale exploitation is likely on the horizon, and malware/worm development is also predicted for this particular issue.

In terms of actions: begin to understand where SAMBA is used in your environment, reduce your attack surfaces as much as possible, implement the patches where available, and increase your vigilance on systems and processes that use SAMBA.

Keep your eyes on this one. With this also being a fairly heavy/serious Microsoft patch day, your security team and admins might be focused on other things. You don’t want this one to slip through the cracks.
