News

NCSC warns against the advent of a serious Samba leak exploit

By admin
Spread the love

The National Cyber ​​Security Center expects an exploit to be released soon for a recently patched vulnerability in Samba as proof-of-concept code is available. More than 100,000 online systems are said to be vulnerable.

The NCSC has the warning for the Samba leak scaled up to ‘severe’ due to the expectation of exploits appearing. It was revealed this week that Samba contains a vulnerability that would allow a remote authentication attacker to upload a shared library to a shared directory, have it run by the server, and execute arbitrary code with root privileges.

The vulnerability affects all versions of Samba as of 3.5.0. The developers have a patch released for Samba 4.6.4, 4.5.10 and 4.4.14 and for the older versions there is a workaround. The NCSC puts on a queue that there are also patches for Red Hat, FreeBSD, Suse and Ubuntu, among others.

Security company Rapid7 warns that many users of, say, network storage are running Samba without probably realizing it. After a scan, the company finds that 104,000 Internet-connected systems are vulnerable, nearly 90 percent of which are running a Samba version for which the direct patch is not available.

You might also like
News

SUSE to fork Red Hat Enterprise Linux after source code access restrictions

News

Rocky Linux says to obtain RHEL source code via other methods due to paywall

News

EA will release F1 23 with story mode and ‘more predictable’ controls on…

News

Nothing Phone (2) will be released in the summer and can be seen for the first time

News

Microsoft receives final permit for second data center in Middenmeer

News

Mobile gameplay footage of Assassin’s Creed game Codename Jade has leaked…