Information Center

Latest vulnerability alert: Samba remote code execution vulnerability


Important notice!!!
The latest vulnerability alert: Samba remote code execution vulnerability, which can directly and remotely use the attack code to obtain server root permissions. It affects Samba versions after 3.5.0 and 4.6.4/4.5.10/4.4.14.
Reinforcement suggestions:
1. For Samba users who use source code installation, please download the latest Samba version for manual update as soon as possible;
2. Users who use binary distribution packages (RPM, etc.) immediately perform yum, apt get update and other security update operations;
Mitigation strategy: The user can mitigate this vulnerability by adding the "nt pipe support=no" option under the [global] node of smb.conf, and then restarting the Samba service.

All new and old server users are requested to conduct self inspection in a timely manner. Thank you