|
The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability. Tom Spring reporting from Threatpost writes: “The flaw poses a severe threat to users, with approximately 104,000 Samba installations vulnerable to remote takeover. More troubling, experts say, the vulnerability can be exploited with just one line of code.” The Samba team which issued the patch on Wednesday, says “all versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.”
— “Comparisons are being made between the WannaCry ransomware attacks… because like WannaCry, the Samba vulnerability could be a conduit for a ‘wormable’ exploit that spreads quickly. Also, any exploit taking advantage of the Samba vulnerability would also take advantage of bugs in the same SMB protocol used by the NSA exploits used to spread WannaCry.” –Tom Spring, Threatpost, 25 May 2017
— No signs of attacks yet in the 12 hours since its discovery was announced. “[I]t had taken researchers only 15 minutes to develop malware that made use of the hole. ... This one seems to be very, very easy to exploit ... more than 100,000 computers [are found] running vulnerable versions of the software, Samba, free networking software developed for Linux and Unix computers. There are likely to be many more.” –Jeremy Wagstaff and Michael Perry, Reuters, 25 May 2017
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byRadix
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byCSC