Collaborate Disseminate
Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency. Continue reading Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability
SMB is the Windows networking protocol, so SMB security holes like the one that led to WannaCry can’t happen on Linux/Unix, right? Wrong! Continue reading Samba exploit – not quite WannaCry for Linux, but patch anyway!
Great news everyone, Windows is not the only operating system with remote code execution via SMB. Linux has also its own, seven-year-old version of the bug. /s
This Linux remote execution vulnerability (CVE-2017-7494) affects Samba, the Linux re-implementation of the SMB networking protocol, from versions 3.5.0 onwards (since 2010). The SambaCry moniker was almost unavoidable.
The bug, however, has nothing to do on how Eternalblue works, one of the exploits that the current version of WannaCry ransomware packs with. While Eternalblue is essentially a buffer overflow exploit, CVE-2017-7494 takes advantage of an arbitrary shared library load. To exploit it, a …read more
The Samba Team has patched a severe bug that leaves computers vulnerable to wormable exploit. Continue reading Samba Patches Wormable Bug Exploitable With One Line Of Code
