Dangerous remotely exploitable vulnerability found in Samba

Samba, the widely used open-source implementation of the SMB/CIFS file sharing protocol, has a well-established presence, especially in mixed environments where the same file shares have to be reached from Windows, Linux and macOS clients. Like NFS, it has a well-deserved reputation for compatibility and availability, and, most importantly, it has a long track record on security. That track record is exactly why a serious bug in it deserves attention.

High-profile services like Samba are enticing targets for attackers, and vulnerabilities found in these services can have far-reaching consequences that are sometimes lost in the noise around CVE announcements. CVE-2021-44142, one of the recently disclosed vulnerabilities affecting Samba, has managed to rise above the rest: it is remotely exploitable and can lead to remote code execution, with the code running as root because that is the privilege level smbd operates at. The Samba project's advisory describes it as an out-of-bounds heap read/write in the vfs_fruit VFS module, the module that provides interoperability with Apple clients (Time Machine shares are the common case). It is reachable in vfs_fruit's default configuration (fruit:metadata = netatalk or fruit:resource = file) by a client that can write a file's extended attributes, and on shares that allow guest or unauthenticated writes that client does not need credentials at all. Shares that do not load vfs_fruit are not exposed, so the first thing to check is the vfs objects line of every share in smb.conf; removing fruit from that list is the upstream workaround until the package is patched. Does anyone else remember Log4j?

All versions of Samba prior to 4.13.17 are affected; the fix also shipped in 4.14.12 and 4.15.5 for the later release branches. Keep in mind that distributions backport security fixes without changing the version number, so the package changelog, not the version string alone, tells you whether a given host carries the fix. TuxCare's Extended Lifecycle Support team has released patches for CentOS 8.4, CentOS 8.5 and Ubuntu 16.04, all of which ship affected Samba versions.
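Putting the two checks above into a script, as an added example that is not TuxCare's or the Samba project's own tooling: the first function screens an smbd version string against the fixing release of its branch (4.13.17 from the advisory above; 4.14.12 and 4.15.5 for the 4.14 and 4.15 branches), and the second walks an smb.conf and prints every share whose vfs objects line loads the fruit module. The sample smb.conf written by write_sample_conf is constructed for the demo, not taken from a real deployment, and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not code from TuxCare or the Samba project.
# Two screening checks for CVE-2021-44142 exposure:
#   samba_version_vulnerable VERSION  -> exit 0 if VERSION predates the fixing
#                                        release of its branch, 1 otherwise
#   fruit_shares SMB_CONF             -> prints each share that loads vfs_fruit
# Caveat: distributions backport fixes without bumping the version, so the
# version screen is a first pass only; the package changelog is authoritative.

samba_version_vulnerable() {
    # Accepts "4.13.17", "4.15.4-Ubuntu", or the "Version 4.13.17" that
    # `smbd --version` prints. Extracts the first X.Y.Z triple.
    v=$(printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2 \3/p')
    [ -n "$v" ] || { echo "unparseable version: $1" >&2; return 2; }
    set -- $v
    major=$1; minor=$2; patch=$3
    [ "$major" -lt 4 ] && return 0      # anything older than 4.x predates the fix
    [ "$major" -gt 4 ] && return 1
    case "$minor" in
        13) fixed=17 ;;                 # 4.13.17 (the release the article names)
        14) fixed=12 ;;                 # 4.14.12 (upstream advisory)
        15) fixed=5 ;;                  # 4.15.5  (upstream advisory)
        *)  [ "$minor" -lt 13 ] && return 0 || return 1 ;;
    esac
    [ "$patch" -lt "$fixed" ]
}

fruit_shares() {
    # smb.conf keys are case-insensitive; the module list is space separated.
    # A "vfs objects" line in [global] applies to every share, so "global"
    # being printed means the whole server is exposed.
    awk '
        /^[ \t]*\[.*\][ \t]*$/ {
            sect = $0; gsub(/^[ \t]*\[|\][ \t]*$/, "", sect); next
        }
        tolower($0) ~ /^[ \t]*vfs[ \t]*objects[ \t]*=/ {
            line = tolower($0); sub(/^[^=]*=/, "", line)
            n = split(line, mods, /[ \t]+/)
            for (i = 1; i <= n; i++) if (mods[i] == "fruit") { print sect; break }
        }' "$1"
}

write_sample_conf() {
    # Constructed sample config: one Time Machine share that loads vfs_fruit
    # in its default (vulnerable) configuration, one share that does not.
    cat > "$1" <<'EOF'
[global]
   workgroup = WORKGROUP
   server role = standalone server

[timemachine]
   path = /srv/tm
   vfs objects = catia fruit streams_xattr
   fruit:metadata = netatalk
   fruit:resource = file

[public]
   path = /srv/public
   vfs objects = streams_xattr
EOF
}

# Demo: screen the local smbd if one is installed, then scan the sample config.
if command -v smbd >/dev/null 2>&1; then
    ver=$(smbd --version 2>/dev/null)
    if samba_version_vulnerable "$ver"; then
        echo "$ver: predates the fixing release, check the package changelog"
    else
        echo "$ver: at or past the fixing release"
    fi
fi
tmp=$(mktemp)
write_sample_conf "$tmp"
echo "Shares loading vfs_fruit:"
fruit_shares "$tmp"
rm -f "$tmp"
```

On a real host run fruit_shares against /etc/samba/smb.conf (or whatever testparm -s reports as the effective configuration, since includes and registry settings are not expanded here); any share it prints needs either the patched package or fruit dropped from its vfs objects line.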

