Samba 4.0.0到4.1.10版本的nmbd(the NetBIOS name services daemon)被发现存在远程命令执行 漏洞 。CVE编号为CVE-2014-3560。目前官方已经发布最新的补丁。
下面是官方公布的漏洞概要:
============================================================= Subject: Remote code execution in nmbd ==== CVE ID#: CVE-2014-3560==== Versions: Samba 4.0.0 to 4.1.10==== Summary: Samba 4.0.0 to 4.1.10 are affected by a == remote code execution attack on ==unauthenticated nmbd NetB IOS name services.========================================================================Description===========All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root).
FreeBuf科普
Samba,是种用来让UNIX系列的操作 系统 与微软Windows操作系统的SMB/CIFS(Server Message Block/Common Internet File System)网络协议做链接的自由软件。第三版不仅可访问及分享SMB的文件夹及打印机,本身还可以集成入Windows Server的域名,扮演为域名控制站(Domain Controller)以及加入Active Directory成员。简而言之,此软件在Windows与UNIX系列OS之间搭起一座桥梁,让两者的资源可互通有无。
查看更多关于Samba 4.x.x全版本存在命令执行漏洞 - 网站安全 -的详细内容...