In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-07 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/01 Report--
This article is about how to analyze Samba information disclosure vulnerability SambaBleed, the editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.
As a free software to implement SMB protocol on Linux and UNIX systems, Samba has a wide range of applications in the field of * nix.
A few days ago, security researchers at 360360 Gear Team (Lian Yihan, Hu Zhibin) found that there was a security flaw in the Samba SMB1 protocol. An attacker with write access to the Samba account could remotely disclose the memory information of the target Samba server, affecting the full version of Samba. The vulnerability number is CVE-2017-12163. After that, the Samba and Google teams provided a fix.
It is reported that this vulnerability is called SambaBleed vulnerability.
360CERT recommends that users of Samba software make security updates as soon as possible.
0x01 event influence surface
Level of influence
The risk level of vulnerability is high, and the scope of influence is wide.
Affect the version
Full version of Samba
Repair version
Samba 4.6.8,4.5.14 and 4.4.16
Details of 0x02 vulnerability
In the SMB1 protocol, the scope of the user write request is not strictly checked, which exceeds the size of the data that the user has sent, which causes the memory information of the server to be written to the file, but can not control which memory information is written. The officially provided patch defends the vulnerability by adding a judgment on the size of the requested write data before writing.
Leaked memory information:
0x03 repair scheme
1. Official patches are available in versions 4.6.7,4.5.13 and 4.4.15 of Samba. It is strongly recommended that all affected users update the official patches in a timely manner or update to the fixed version.
Patch address: https://www.samba.org/samba/history/security.html
2. Force the use of SMB2 protocol, set "server min protocol = SMB2_02" in [global] of smb.conf, and restart smbd.
The above is how to analyze the Samba information disclosure vulnerability SambaBleed, the editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 202
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.