Samba patch fixes critical vulnerability

Another system on the network could take root privileges on a vulnerable Samba client or server.
Written by Larry Seltzer, Contributor

The latest in a recent series of updates to the Samba file system software fixes a critical vulnerability that could allow an attacker on the local network to take control of a host running a vulnerable version of the Samba nmbd NetBIOS name services daemon.

Samba is an open source implementation of the SMB/CIFS network file sharing protocol. SMB/CIFS is most famous as the protocol used in file sharing over Microsoft Windows networks, and Samba exists largely for non-Windows interoperability with those networks. nmbd is a server component of it which responds to NetBIOS requests over IP networks, associating NetBIOS names and IP addresses.

In order to exploit the vulnerability, a malicious system on the network (a "browser" in CIFS terminology) "...can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root)."

The new current versions of Samba are 4.1.11 and 4.0.21. There are also patches available for Samba versions 4.1.10 and 4.0.20. These versions themselves were just released in the last few days to address numerous non-security bugs.

The patches and new Samba versions are available from Samba, but may not be available soon through services normally used by users. The current version of Samba available from Ubuntu, for example, is 4.1.6, which was a security update released in March 2014.

Editorial standards