Samba smbd vulnerability (CVE-2015-0240)

Latest response

Hi,

A Critical security vulnerability has been discovered in the smbd daemon (part of the Samba suite). Potentially, a remote exploit is possible. It affects almost all versions of Samba shipped with Red Hat Enterprise Linux 5-7. Samba shipped with the Red Hat Storage 2.1 and 3 products is also affected. Updated packages that fix the problem are available. All users are advised to update.

Please, see the following KB article for more detailed information (incl. links to respective errata). Samba vulnerability (CVE-2015-0240). A detection lab script is available for testing whether your system needs to be updated.

Responses

Questions:
1. Would the malicious Samba client needs to authenticate 1st? Or are the netlogon packets part of the authentication process?
2. Does this affect all smbd instances, or only when Samba is operating as an NT4-style domain controller?

Hi Mike,

1) Authentication is not needed.
2) All instances of the smbd server daemon.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.