Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Is unRAID affected by this vulnerability

Featured Replies

While the ports associated with file-sharing should never be exposed outside of your local LAN, I was still a bit concerned about the following vulnerability:

 

https://www.samba.org/samba/security/CVE-2015-0240

 

Is unRAID affected? I haven't had a chance to look at which version ships with the latest 5.x stable release, so I thought I would ask.

 

Thanks,

 

--Tom

A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 4.2.0rc5, 4.1.17, 4.0.25 and 3.6.25 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.

 

 

==========

Workaround

==========

On Samba versions 4.0.0 and above, add the line:

 

rpc_server:netlogon=disabled

 

to the [global] section of your smb.conf. For Samba versions 3.6.x and

earlier, this workaround is not available.

 

 

Looks like unRAID 5.0.6 is.

root@unRAID:~# cat /etc/unraid-version ; smbd --version
version=5.0.6
Version 3.6.21

 

I'm not running unRAID 6-beta 13 or 14 so someone else will need to provide the version number there.

A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 4.2.0rc5, 4.1.17, 4.0.25 and 3.6.25 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.

 

 

==========

Workaround

==========

On Samba versions 4.0.0 and above, add the line:

 

rpc_server:netlogon=disabled

 

to the [global] section of your smb.conf. For Samba versions 3.6.x and

earlier, this workaround is not available.

 

 

Looks like unRAID 5.0.6 is.

root@unRAID:~# cat /etc/unraid-version ; smbd --version
version=5.0.6
Version 3.6.21

 

I'm not running unRAID 6-beta 13 or 14 so someone else will need to provide the version number there.

 

root@nas:~# cat /etc/unraid-version ; smbd --version
version="6.0-beta14"
Version 4.1.16

At first when I seen this I assumed we must be running our own compiled version of samba as there has been no upstream Slackware announcements on this.

 

However this turns out not to be true as Slackware is @ "samba-4.1.16-x86_64-1.txz"

 

I worry that we have a double delay here with Slackware and then us picking it up.

 

Nice post though I would have missed it.

 

 

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.