Samba – Page 2 – WindowsTechs.com

This Week in Security: Samba, Wormhole Crypto Heist, And A Bogus CVE

Posted on February 4, 2022 by Jonathan Bennett

Samba has a very serious vulnerability, CVE-2021-44142, that was just patched in new releases 4.13.17, 4.14.12, and 4.15.5. Discovered by researchers at TrendMicro, this unauthenticated RCE bug weighs in at …read more Continue reading This Week in Security: Samba, Wormhole Crypto Heist, And A Bogus CVE→

Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)

Posted on February 2, 2022 by Zeljka Zorz

A critical vulnerability (CVE-2021-44142) in Samba, a widely used open source implementation of the Server Message Block (SMB) networking protocol, could allow attackers to execute arbitrary code as root on affected Samba installations. Several updated… Continue reading Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)→

Clarification regarding CVE-2020-25717 [migrated]

Posted on February 1, 2022 by Michael

We use CentOS 7 and have only samba-client in our deployment.
(We do not have samba server in our deployment.)
Does the CVE-2020-25717 affect our deployment?

Continue reading Clarification regarding CVE-2020-25717 [migrated]→

Samba update patches plaintext password plundering problem

Posted on November 12, 2021 by Paul Ducklin

When Microsoft itself says STOP USING X, where X is one of its own protocols… we think you should listen. Continue reading Samba update patches plaintext password plundering problem→

How to overcome MD4 hashing in SAMBA

Posted on August 20, 2021 by Karn

We are using a Samba configuration on our RedHat (RHEL7.9) systems, where SMB authentication is based on an NTLM password hash, which is basically a clear-text credential for a challenge-response authentication that is stored in a separate… Continue reading How to overcome MD4 hashing in SAMBA→

Centos 7 Samba php:apache Permission Denied when moving file with Docker container after moving to :z volume from samba share [migrated]

Posted on June 22, 2021 by Adam Winter

First, let me say that chmod 777 does not even work for this (though I know that would not be the correct solution).
Here’s the situation: I have a mail server receiving mail. On that server there is a cronjob that runs a .sh script that… Continue reading Centos 7 Samba php:apache Permission Denied when moving file with Docker container after moving to :z volume from samba share [migrated]→

Is SMB3-only Samba secure?

Posted on April 20, 2021 by Ansis Māliņš

There’s lots of "SMB is bad" parrotting online, and whenever I look closely, these claims are either unsubstantiated, or apply to unpached or misconfigured Windows servers or old versions of the SMB protocol.
If I put stuff like … Continue reading Is SMB3-only Samba secure?→

SMB Support in SecureAuthCorp Impackets Samba Server [closed]

Posted on October 13, 2020 by secf00tprint

Does anybody know if Impackets Samba Server does support higher versions than SMB1.
I tried changing the smb.conf to no avail:

If I try to connect I get an
can’t connect to the file share because it’s not secure
on a Windows 10 AD Lab Cli… Continue reading SMB Support in SecureAuthCorp Impackets Samba Server [closed]→

Zerologon Patches Roll Out Beyond Microsoft

Posted on September 23, 2020 by Tara Seals

A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability. Continue reading Zerologon Patches Roll Out Beyond Microsoft→

Microsoft Teams Patch Bypass Allows RCE

Posted on August 5, 2020 by Tara Seals

An attacker can hide amidst legitimate traffic in the application’s update function. Continue reading Microsoft Teams Patch Bypass Allows RCE→