Samba is a popular open-source implementation of the SMB/CIFS protocol for Unix-like systems. This vulnerability allows an unauthenticated remote attacker to obtain root access on the Samba server by supplying an over-long password during authentication.
You're affected if you run Samba versions 3.0.2a through 4.1.12. Check the installed version on the Samba server with: smbd -V (testparm -V reports the same build version). The flaw is in the server daemon, so the client software in use is irrelevant; note that this is a remote vulnerability and no authentication is required.
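To make that check repeatable across many hosts, here is an added example (not part of the original advisory or of the Samba project) that parses the output of smbd -V and tests it against the affected range stated above. The range itself is taken from this page; the handling of letter and vendor suffixes such as 3.0.2a or 4.1.12-Debian, and the function names, are this example's own assumptions.

```shell
#!/bin/sh
# Added example: decide whether a Samba build falls inside the affected
# range given in the advisory (3.0.2a through 4.1.12). Assumes smbd -V
# prints "Version X.Y.Z[suffix]", e.g. "Version 4.1.12-Debian".

# Strip a leading "Version " and any vendor suffix after '-', '_' or space:
#   "Version 4.1.12-Debian" -> "4.1.12"
strip_version() {
    printf '%s\n' "$1" | sed 's/^[Vv]ersion[[:space:]]*//; s/[-_ ].*//'
}

# Compare two dotted versions numerically on major.minor.patch, ignoring
# trailing letters on a field (3.0.2a is treated as 3.0.2, an assumption).
# Prints -1, 0 or 1.
vercmp() {
    a=$(strip_version "$1")
    b=$(strip_version "$2")
    i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s\n' "$a" | cut -d. -f"$i" | sed 's/[^0-9].*//')
        y=$(printf '%s\n' "$b" | cut -d. -f"$i" | sed 's/[^0-9].*//')
        x=${x:-0}
        y=${y:-0}
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
        i=$((i + 1))
    done
    printf '%s\n' 0
}

# Exit status 0 (true) when the version is within [3.0.2a, 4.1.12].
samba_affected() {
    [ "$(vercmp "$1" 3.0.2)" -ge 0 ] && [ "$(vercmp "$1" 4.1.12)" -le 0 ]
}

# Check the smbd installed on this host. Exit 0 = not in range,
# 1 = affected, 2 = no smbd found.
check_local_smbd() {
    if ! command -v smbd >/dev/null 2>&1; then
        echo "smbd not found in PATH"
        return 2
    fi
    v=$(smbd -V)
    if samba_affected "$v"; then
        echo "$v: affected, upgrade to Samba 4.2.0 or later"
        return 1
    fi
    echo "$v: not in the affected range"
    return 0
}

# Run as: sh samba_check.sh --check   (checks the local smbd)
if [ "${1:-}" = "--check" ]; then
    check_local_smbd
fi
```

The comparison is purely numeric on the first three fields, so a packaged build such as 4.1.12-Debian is treated as 4.1.12; distributions that backport the fix without bumping the version will still be flagged, which is the safe direction for an inventory script.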
Upgrade to Samba 4.2.0 or later.
- For immediate mitigation: there is no smb.conf parameter that caps password length (map password is not a Samba option), so until you can upgrade, reduce who can reach smbd at all: restrict clients with hosts allow and hosts deny, bind only the interfaces that need to serve SMB (interfaces together with bind interfaces only), and filter TCP ports 139 and 445 at the host or network firewall.