Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Samba vulnerability (CVE-2015-0240)

Featured Replies

All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an

unexpected code execution vulnerability in the smbd file server

daemon.

 

A malicious client could send packets that may set up the stack in

such a way that the freeing of memory in a subsequent anonymous

netlogon packet could allow execution of arbitrary code. This code

would execute with root privileges.

 

https://access.redhat.com/security/cve/CVE-2015-0240

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0240

 

Question does this issue require an attacker to be on your LAN?

Question does this issue require an attacker to be on your LAN?

 

 

Yes, If you happen to have a comprised desktop, this could then somehow infect a samba server.

Another potential issue would be if samba were exposed to the internet inadequately or by accident.

Question does this issue require an attacker to be on your LAN?

 

 

Yes, If you happen to have a comprised desktop, this could then somehow infect a samba server.

Another potential issue would be if samba were exposed to the internet inadequately or by accident.

 

Good to know!

  • 3 months later...

FYI, unRaid-6.0.0 uses Samba 4.1.17 which includes fix for this vulnerability.  In a future unRaid release we'll be updating to Samba 4.2.x.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.