Threat Level: green Handler on Duty: Chris Mohan

SANS ISC Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

All Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon

Published: 2014-08-02
Last Updated: 2014-08-02 00:46:37 UTC
by Chris Mohan (Version: 1)
0 comment(s)

A remote code execution in nmbd (the NetBIOS name services daemon) has been found in Samba versions 4.0.0 to 4.1.10. ( assgined CVE-2014-3560) and a patch has been release by the team at samba.org.

Here's the details from http://www.samba.org/samba/security/CVE-2014-3560

 
===========
Description
===========

All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon.

A malicious browser can send packets that may overwrite the heap ofthe target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).
 
==================
Patch Availability
==================

A patch addressing this defect has been posted to

  http://www.samba.org/samba/security/

Additionally, Samba 4.1.11 and 4.0.21 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.

==========
Workaround
==========

Do not run nmbd, the NetBIOS name services daemon.

 

Chris Mohan --- Internet Storm Center Handler on Duty

Keywords: Samba
0 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

A Honeypot for home: Raspberry Pi
published 1 day ago by Chris (4 comments)

Symantec Endpoint Protection Privilege Escalation Zero Day
published 2 days ago by Rick (2 comments)

Interesting HTTP User Agent "chroot-apach0day"
published 4 days ago by Dr. J. (16 comments)

Management and Control of Mobile Device Security
published 5 days ago by Guy (0 comments)

"Internet scanning project" scans
published 1 week ago by Chris (12 comments)

View All Diaries →

Latest Discussions

DSHIELD with fail2ban
created 3 weeks ago by Ernest (0 replies)

Router Upgrade
created 3 weeks ago by ICI2Eye (2 replies)

ENDPOINT SERVICE DEFINITIONS (TCP/UDP)
created 3 weeks ago by Ratatosk (1 reply)

Router- FW Upgrade
created 4 weeks ago by ICI2Eye (0 replies)

Malware infected ATMs in China via specialized device
created 1 month ago by Safensoft (0 replies)

View All Forums →

Latest News

View All News →