Samba (CVE-2017-11103) Update?

Status
Not open for further replies.

Nas4Bean

Cadet
Joined
Jul 19, 2017
Messages
3
Hey,

Does anybody know what's up? I don't wanna get nailed by SambaCry.
https://www.bleepingcomputer.com/ne...lity-used-to-deploy-backdoors-on-nas-devices/

On my box, I can do this command as root: smbstatus
And it returns: "Samba version 4.6.4-GIT-5fe3bc2"

According to this vulnerability announcement:
https://www.samba.org/samba/security/CVE-2017-11103.html

Current safe versions: Samba 4.6.6, 4.5.12 and 4.4.15 have been issued as security releases to correct the defect.

I did an update check, and there is nothing new for my FreeNas11 (Stable) to get.
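
The version check described in the post above, as an added example that is not part of the original thread: it parses the `smbstatus` banner and compares it per release branch against the fixed releases quoted from the advisory (4.6.6, 4.5.12, 4.4.15), since a 4.6.x build must be compared with 4.6.6 and not with 4.5.12. The function names are hypothetical, and branches the post does not list are reported as unknown rather than guessed.

```shell
#!/bin/sh
# Added example: compare a Samba version banner with the fixed releases
# quoted in the post for CVE-2017-11103 (4.6.6, 4.5.12, 4.4.15).

# Fixed patch level for each release branch named in the quoted advisory text.
# Returns non-zero for any branch the post does not mention.
fixed_patch_for_branch() {
    case "$1" in
        4.6) echo 6 ;;
        4.5) echo 12 ;;
        4.4) echo 15 ;;
        *)   return 1 ;;
    esac
}

# check_samba_banner "<banner line>" prints exactly one of:
#   fixed | below-fixed | unknown-branch | unparsed
check_samba_banner() {
    # Extract "major.minor.patch" from e.g. "Samba version 4.6.4-GIT-5fe3bc2";
    # any build suffix after the third number is ignored.
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*[Vv]ersion \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    if [ -z "$ver" ]; then
        echo unparsed
        return 0
    fi
    branch=${ver%.*}    # "4.6.4" -> "4.6"
    patch=${ver##*.}    # "4.6.4" -> "4"
    if ! want=$(fixed_patch_for_branch "$branch"); then
        echo unknown-branch
        return 0
    fi
    if [ "$patch" -ge "$want" ]; then
        echo fixed
    else
        echo below-fixed
    fi
}

# Sample input: the banner string quoted in the post.
check_samba_banner "Samba version 4.6.4-GIT-5fe3bc2"
```

A `below-fixed` result is a prompt to check the vendor's release notes, because a vendor build can carry a backported fix without changing the upstream version number.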
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
"Sambacry" is already patched. There will be a release soon that fixes the heimdal bug (CVE-2017-11103).
 

Nas4Bean

I mean, I know it's patched. It's what I posted. I was wondering _when_ the fix for it will be up. As I feel naked now.
 

anodos

Sambacry (CVE-2017-7494) is patched in FreeNAS 11.0-U1, which was released several weeks ago (perhaps also in FN 11.0-RELEASE), and FreeNAS 9.10-U5.

I've also had some difficulty trying to exploit CVE-2017-7494 on FreeBSD systems, but this may be operator error on the toolkits I was using (didn't devote much time to it).
 