Skip to main content

Samba’s “One Line Of Code” Exploit Could Make Linux Vulnerable To WannaCry-like Attack, Patch Now


SAMBA FLAW LINUX WANNACRY
Researchers have warned that Linux and Unix machines are affected by a Samba exploit that could allow an attacker to take control of the systems. This could open doors to attacks similar to WannaCry. The Samba team and developers have pushed patches to fix
the flaw.
Samba is a free software license under the GNU GPL license that’s widely used on Linux and Unix computers for making them work with Windows file and printing services. A security vulnerability in Samba could leave hundreds and thousands of computers open to attacks.
With ID CVE-2017-7494, the vulnerability has been described as remote code execution from a writable share. As per the description, this flaw could allow malicious users to upload and make the smdb server to execute a shared library from a writable share.
Nick Bilogorskiy of Cyphort says that there are no active exploits in the wild, but the damage from Samba vulnerability could be steep, according to TechTarget. This flaw affects Samba versions 3.5 and newer.
This is because the vulnerability can allow remote code execution and an attacker can gain full control over a computer. This flaw isn’t exactly new, but recent developments showed that it’s more serious than expected.
Having seen the wrath of WannaCry ransomware in recent weeks, comparisons between Samba flaw and WannaCry are unavoidable. The experts have outlined that like WannaCry, Samba flaw can be used as a conduit for a wormhole exploit for quick expansion.
It should also be noted that an exploit which uses Samba flaw would make use of the bugs in the same SMB protocol used by the WannaCry’s NSA tools.
Earlier this week, The Samba Team, a group of 40 developers, released the patch to address this vulnerability. Apart from that, adding the “nt pipe support = no” to smb.conf file and restarting the service mitigates the threat, writes Cisco in a security bulletin.

Comments

WHAT'S HOT

Amazon Cuts Huawei Watch 2 Price To $194.99

Huawei's latest smartwatch has received a temporary price cut in the United States. There is no word on how long the promotion will last, but those interested

This Medical Camera Can See Right Through Human Body

Now, a team at the University of Edinburgh has developed a medical camera that can see right through your body. This new camera works by detecting light sources inside the body, such as

Google Search About To Receive A New “Speed Test Tool”, Here Is How To Use It

I use the Speed Test tool by Ookla to check the speed of my broadband connection. Generally, I use Google Search to visit the website. But the last time when I Googled the term “speed test,” I didn’t have to go much further than the search result itself.

Microsoft Has Released The First Windows 10 Build 16353 For Insiders

As Fall Creators Update is nearing its release, Skip Ahead was announced last month. It enables fast ring users to continue receiving new features, though the RS_PRERELEASE