While WannaCry wreaked havoc across the world, users of Linux and MacOS just kept staring at the confusion and sighed a relief that they weren’t affected. Gladly so, as even the open source Samba server of Linux had a massive vulnerability that could have triggered a mass predicament.
Apparently, the exploitable vulnerability also provided SMB services like WannaCry. But unlike the Microsoft flaw which was discovered by NSA and then stolen by Shadow Brokers, the Samba flaw was noticed and brought to the noticed by a researcher with alias ‘steelo’.
“All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it,” stated Samba project advisory.
Patches have also been released. “Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible,” it added.
Volker Lendecke of SerNet and the Samba Team have provided the fix.