CVSS3: 7.1 High
Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVSS2: 4.8 Medium
Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:N

EPSS: 0.713 High
Percentile: 97.7%

Samba is free software that implements the SMB protocol on Linux and UNIX systems and has a very wide range of application scenarios on *nix platforms.
Recently, security researchers of the 360 Gear Team (even a Han, Hu JI-bin) found a security flaw in Samba's handling of the SMB1 protocol: an attacker who has write permission through a Samba account can remotely leak memory information from the target Samba server. The flaw affects all Samba versions, and its vulnerability ID is CVE-2017-12163. The Samba and Google teams subsequently provided a fix.
This vulnerability is reportedly referred to as SambaBleed.
360CERT recommends that users of the Samba software obtain the security update.
0x01 Impact
Impact level
The risk level of the vulnerability is high and its scope of impact is wide.
Affected versions
All Samba versions
Fixed versions
Samba 4.6.8, 4.5.14 and 4.4.16
0x02 Vulnerability details
In the SMB1 protocol, the size given in a user's write request is not strictly checked. When it exceeds the size of the data the user actually sent, the server writes its own memory contents to the file, although the attacker cannot control which memory contents are written. The official patch adds a check on the requested write size before the write is performed, which closes the vulnerability.
The leaked memory information:
[Image: leaked memory information]
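The missing size check described above, modelled as an added example (not Samba's code and not from the original advisory). `struct request`, `write_unchecked` and `write_checked` are hypothetical names, and a reused receive buffer holding constructed stale bytes stands in for the server memory that lies beyond the data the client actually sent.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define RXBUF_SIZE 64
/* Hypothetical model: the receive buffer is reused between requests,
 * so bytes past `received` are stale data from earlier traffic. */
struct request {
    unsigned char rxbuf[RXBUF_SIZE];
    size_t received;    /* bytes the client actually sent */
    size_t numtowrite;  /* write size claimed in the request */
};
typedef long (*handler_fn)(const struct request *, unsigned char *, size_t);

/* Vulnerable shape: trusts the claimed size. Returns bytes written or -1. */
long write_unchecked(const struct request *r, unsigned char *file, size_t cap)
{
    if (r->numtowrite > cap || r->numtowrite > RXBUF_SIZE)
        return -1;
    memcpy(file, r->rxbuf, r->numtowrite); /* may copy stale bytes */
    return (long)r->numtowrite;
}

/* Hardened shape: reject a claimed size larger than the data received. */
long write_checked(const struct request *r, unsigned char *file, size_t cap)
{
    if (r->numtowrite > r->received)
        return -1;
    return write_unchecked(r, file, cap);
}

/* Sends one constructed request; returns 1 if stale bytes reached the file. */
int stale_data_leaks(handler_fn handler)
{
    struct request r;
    unsigned char file[RXBUF_SIZE] = {0};
    memset(r.rxbuf, 0, sizeof r.rxbuf);
    memcpy(r.rxbuf, "PREVIOUS-SESSION-SECRET", 23); /* constructed stale data */
    memcpy(r.rxbuf, "hello", 5);                     /* data of this request */
    r.received = 5;
    r.numtowrite = 23;                               /* claims more than sent */
    long n = handler(&r, file, sizeof file);
    return n > 0 && memcmp(file + 5, "OUS-SESSION-SECRET", 18) == 0;
}

int main(void)
{
    printf("unchecked leaks: %d\n", stale_data_leaks(write_unchecked));
    printf("checked leaks:   %d\n", stale_data_leaks(write_checked));
    return 0;
}
```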
0x03 Remediation
1. Official patches have been provided for Samba 4.6.7, 4.5.13 and 4.4.15. We strongly recommend that all affected users apply the official patch or update to a fixed version.
Patch address: https://www.samba.org/samba/history/security.html
2. Force the use of the SMB2 protocol: in the [global] section of smb.conf, set "server min protocol = SMB2_02" and restart smbd.