Samba Installation Vulnerable for Remote Attacks

Samba software package is generally for UNIX/Linux systems which are used for sharing files, and printers using SMB and CIFS protocols services. Samba allows Linux/Unix users to set up shared folders and allows us to access shared folders on Windows computers using this Service, acting as a medium of communication between the UNIX/Linux based machined and Windows.

Red Hat Security has found a vulnerability in the Samba file server, which is the part of the Samba Software suite packages. Last seven years have been vulnerable for remote code execution vulnerability which allows attackers to upload and execute the infected on the targeted machine and depends on the skill of the hacker who can take control of the vulnerable device which they infected.

All the versions released from Samba 3.5.0 or higher are released with Red Hat Enterprises Linux Versions from 5 to 7 and Red Hat Storage Servers 2.1 and 3 are also affected by this vulnerability.

This issue has bee tracked as CVE-2017-7494 which affects all the versions of Samba and Red Hat Samba Team have released a patch on 24th May 2017 with Samba 4.6.5, 4.5.10 and 4.4.14 for this issue.

The cyber-security firm Rapid7 has discovered that more than 104,000 public exposed servers that appear to be the vulnerable versions of Samba Servers software where the Samba is the default service which starts at the time of boot-up.

NAS Servers and Backup servers are in the Danger

The cyber-security firm Rapid7 has warned that the enterprise backups run in the Samba to back up the data to NAS or the other Backup storages.

“A direct attack or worm would render those backups almost useless, so if patching cannot be done immediately, we recommend creating an offline copy of critical data as soon as possible,” Rapid7’s Jen Ellis writes”

How to update Samba Servers on RHEL or Centos?

To install the updates, we need to update the package manager and below is the command to update –

# yum update

Once the Yum is updated, we need to update the Samba Package and its dependencies with the below command –

# yum update samba

If you are using the RHEL 5 or Centos 5, we need to run the below command –

# yum update samba3x

If you are using the RHEL 6 or Centos 6, then we need to run the below command –

# yum update samba4

Once Samba Software is updated, we have to restart the smbd daemon for which we need to run the below command –

For RHEL 5/6 and Centos 5/6

# service smb restart

For RHEL 7

# systemctl restart smb.service