14 DAY TRIAL // A fix for a vulnerability in the “nmbd” NetBIOS name services daemon that would allow an attacker to remotely execute arbitrary code has been made available for all versions of Samba 4.x.x.
The glitch consisted in the fact that a potential intruder could send malicious packets that would overwrite the heap of the targeted “nmbd” NetBIOS name services daemon.
As a result of the malicious traffic, some memory operations are handled incorrectly, creating a remote code execution vulnerability that permits an intruder on the same network as the affected system to run programs with the highest privileges.
“A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root),” informs the advisory.
The security flaw was identified by Samba Team member Volker Lendecke, who also provided the fix. Users are advised to update Samba to the latest versions, 4.1.11 and 4.0.21, in order to benefit from enhanced security against this bug. Older versions are also affected and a patch has been released for them, too.
A workaround for safeguarding against the flaw consists in preventing the NetBIOS name services daemon, “nmbd,” from running.