Wednesday, March 14, 2018

Samba releases patch to fix Password Reset and DoS Vulnerabilities


The Samba project has issued patches for two vulnerabilities. One can be used to crash the print spooler and deny print service to every client; the other lets any authenticated user of a Samba Active Directory domain controller change other users' passwords over LDAP, including administrator and privileged service account passwords.


Samba is a free, open source interoperability suite that implements the SMB/CIFS protocol, giving Unix and Linux machines Windows-compatible file and print services and, since version 4.0, the ability to act as an Active Directory domain controller. Businesses that run Unix/Linux and Windows side by side frequently use Samba to link the two, so any risk to the security and stability of Samba is a serious risk to those environments.

The vulnerabilities in question, CVE-2018-1050 and CVE-2018-1057, both affect every Samba release from 4.0.0 onwards. Fixes are in the security releases 4.7.6, 4.6.14 and 4.5.16; if your business runs Samba it's highly recommended that you install the applicable security update, or your distribution's backported package, as soon as possible.

What the Samba vulnerabilities can do

The first vulnerability, CVE-2018-1050, affects all Samba versions from 4.0.0 onwards, but only on installations that run the Remote Procedure Call (RPC) Spool Subsystem Service (spoolss) as an external daemon (rpc_server:spoolss = external in smb.conf). By default spoolss runs as an internal, in-process (embedded) service, which is not exposed in the same way.

Some of the input parameters to the spoolss RPC calls are missing input sanitization checks, so a crafted request from an authenticated client can crash the external spooler daemon, effectively killing the ability of anyone using Samba to send files to a printer. Samba says there is no known further vulnerability associated with the error, such as code execution: the impact is the denial of service resulting from the crash of the spooler. When spoolss is left as an internal service, all a client can do is crash its own authenticated connection, so leaving the default in place prevents the problem from occurring.
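As an added example that is not part of the original article and not Samba's own code, the following POSIX shell script checks the two things an administrator would want to know after reading this advisory: whether the installed Samba version is below the security release for its branch, and whether smb.conf runs spoolss as an external daemon. It assumes the smb.conf syntax documented in man smb.conf (rpc_server:spoolss = external; the default in-process service is embedded), that the security releases are 4.7.6, 4.6.14 and 4.5.16, and that 4.8.0 and later ship with the fix. The sample configurations and version strings are constructed for the demonstration, so it runs offline.

```shell
#!/bin/sh
# Added example (not Samba project code): audit the two conditions the
# CVE-2018-1050 / CVE-2018-1057 advisory turns on, using constructed input.
#
# Assumptions:
#  - smb.conf syntax as in man smb.conf: "rpc_server:spoolss = external" runs
#    the spooler as a separate daemon (the CVE-2018-1050 DoS surface); leaving
#    the key unset, or "embedded", keeps it in-process (the advisory's
#    "internal" service). '#' and ';' begin comments.
#  - Security releases 4.7.6, 4.6.14 and 4.5.16 fix both CVEs; 4.8.0 and later
#    are assumed to carry the fix; 4.0 to 4.4 are unsupported with no fix.

# Return 0 if the smb.conf at $1 runs spoolss as an external daemon, 1 otherwise.
spoolss_is_external() {
    sed -e 's/[#;].*$//' "$1" \
      | tr 'A-Z' 'a-z' \
      | sed -n 's/^[[:space:]]*rpc_server[[:space:]]*:[[:space:]]*spoolss[[:space:]]*=[[:space:]]*\([a-z]*\).*/\1/p' \
      | tail -n 1 \
      | grep -qx external          # last assignment wins, as in smb.conf
}

# Return 0 if a Samba version string ("4.7.5", "4.6.13-Debian", ...) is in the
# affected range and below its branch's security release, 1 otherwise.
samba_version_vulnerable() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    maj=$1; min=${2:-0}; pat=${3:-0}
    pat=${pat%%[!0-9]*}; pat=${pat:-0}     # strip distro suffixes like "-Debian"
    [ "$maj" -eq 4 ] || return 1           # advisory: 4.0.0 onwards only
    [ "$min" -ge 8 ] && return 1           # assumption: 4.8.0+ ship the fix
    case $min in
        5) [ "$pat" -lt 16 ] ;;
        6) [ "$pat" -lt 14 ] ;;
        7) [ "$pat" -lt 6 ] ;;
        *) return 0 ;;                     # 4.0-4.4: no security release exists
    esac
}

# Constructed smb.conf fragments for the self-test (not from any real host).
VULN_CONF='[global]
   workgroup = EXAMPLE
   printing = cups
   rpc_server:spoolss = external
   rpc_daemon:spoolssd = fork'

SAFE_CONF='[global]
   workgroup = EXAMPLE
   printing = cups
   ; rpc_server:spoolss = external   (commented out: default embedded service applies)'

# Write the text in $1 to a temporary file, audit it and return the audit result.
audit_conf_text() {
    f=$(mktemp) || return 2
    printf '%s\n' "$1" > "$f"
    spoolss_is_external "$f"; rc=$?
    rm -f "$f"
    return $rc
}

# Stand-alone run: report on a few version strings and the two sample configs.
report() {
    for v in 4.7.5 4.7.6 4.6.13-Debian 4.6.14 4.5.16 4.8.0 4.2.14 3.6.25; do
        if samba_version_vulnerable "$v"; then
            echo "$v: update required (CVE-2018-1050 / CVE-2018-1057)"
        else
            echo "$v: not affected or already patched"
        fi
    done
    if audit_conf_text "$VULN_CONF"; then
        echo "sample 1: spoolss runs as an external daemon (exposed to the CVE-2018-1050 DoS)"
    fi
    if ! audit_conf_text "$SAFE_CONF"; then
        echo "sample 2: spoolss stays embedded (not exposed)"
    fi
}
report
```

On a real host, pass `samba_version_vulnerable` the number from `smbd -V` (which prints "Version x.y.z") and pass `spoolss_is_external` the path of the live smb.conf. A configuration that keeps spoolss embedded only removes the CVE-2018-1050 exposure; the password-reset bug on domain controllers has no configuration workaround in this article, so the version check is the one that matters there.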
