Scoot_Mulner
Dabbler
- Joined
- Aug 20, 2013
- Messages
- 12
Hello,
I just noticed CVE-2021-44142 and wanted to check the correct steps to mitigate. I am running TrueNAS-12.0-U7 with a couple Apple computers on the network and I have Samba 4.13.14 which is vulnerable.
I do have an AFP share that I use to share a single HDD for Time Machine backups. I think that part is fine because, it isn't using Samba.
Under the "Advanced Options" for my Samba share configurations, I do have "Use Apple-style Character Encoding" checked off and I see a "Time Machine" checkbox but I'm not using that so it is unchecked. I don't have anything with the word "fruit" in my "Auxiliary Parameters" section for any of the shares either.
Also, under the Samba service configuration, I see a checkbox for "Enable Apple SMB2/3 Protocol Extensions".
So my question is, if all three of those items are unchecked and I don't have any fruity things in my auxiliary parameters, is TrueNAS safe?
1) Use Apple-style Character Encoding
2) Time Machine
3) Enable Apple SMB2/3 Protocol Extensions
Thanks.
I just noticed CVE-2021-44142 and wanted to check the correct steps to mitigate. I am running TrueNAS-12.0-U7 with a couple Apple computers on the network and I have Samba 4.13.14 which is vulnerable.
Code:
# smbd -V Version 4.13.14
I do have an AFP share that I use to share a single HDD for Time Machine backups. I think that part is fine because, it isn't using Samba.
Under the "Advanced Options" for my Samba share configurations, I do have "Use Apple-style Character Encoding" checked off and I see a "Time Machine" checkbox but I'm not using that so it is unchecked. I don't have anything with the word "fruit" in my "Auxiliary Parameters" section for any of the shares either.
Also, under the Samba service configuration, I see a checkbox for "Enable Apple SMB2/3 Protocol Extensions".
So my question is, if all three of those items are unchecked and I don't have any fruity things in my auxiliary parameters, is TrueNAS safe?
1) Use Apple-style Character Encoding
2) Time Machine
3) Enable Apple SMB2/3 Protocol Extensions
Thanks.