Samba memory information leakage vulnerability not initialized

Release date:
Updated on:

Affected Systems:
Samba <= 4.1.8
Samba <4.0.18
Samba 3.6.6-3.6.23
Description:
--------------------------------------------------------------------------------
Bugtraq id: 67686
CVE (CAN) ID: CVE-2014-0178
 
Samba is a set of programs that implement the SMB (Server Messages Block) protocol, cross-platform file sharing and print sharing services.
 
In versions earlier than Samba 3.6.6-3.6.23, 4.0.18, and 4.1.8, after some vfs shadow replication configurations are enabled, the SRV_SNAPSHOT_ARRAY response field is not correctly initialized, this allows authenticated remote users to request sensitive information about the process memory through FSCTL_GET_SHADOW_COPY_DATA or FSCTL_SRV_ENUMERATE_SNAPSHOTS.
 
<* Source: Christof Schmitt
*>

Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
 
If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:
 
* The affected version may not specify "shadow_copy" or "shadow_copy2" for the "vfs objects" parameter ".
 
Vendor patch:
 
Samba
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://www.samba.org/samba/security/CVE-2014-0178

------------------------------------ Split line ------------------------------------

The speed of accessing samba from Ubuntu dual Nic of VMWare Virtual Machine doubles

Add the Samba File Sharing Server to the Windows Server 2003 Domain

Samba installation Configuration

Samba service configuration in CentOS 6.2

How to Build the Win7 + VMware + Fedora18 Samba Server

------------------------------------ Split line ------------------------------------

This article permanently updates the link address: