Samba Remote Code Execution Vulnerability

A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges.

On Samba versions 4.0.0 and above, it is recommended to add the line:

rpc_server:netlogon=disabled

to the [global] section of your smb.conf. For Samba versions 3.6.x and earlier, this workaround is not available.

Read more here – http://blog.trendmicro.com/trendlabs-security-intelligence/samba-remote-code-execution-vulnerability-cve-2015-0240/

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top