General > Security & Bug Fixes
Samba vulnerability CVE-2017-7494 Series 2.x Series 3.x
Jerry:
Run the above command. If it returns the above version, you're OK, nothing to do. If not, run that command once a day until it shows the above version. Make sure you run sudo apt-get update first each time.
Sent from my Mobile phone using Tapatalk
amigo:
Jerry,
When you say "should" does that mean I "should" install something myself or it "should" already be installed, possibly through updates.
I'm not that savvy so I if it's I need to do something myself I may need some guidance. Like step by step.
Thx
Morris
Jerry:
People should already have this patched version:
--- Code: ---Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.7
Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.7
--- End code ---
--- Code: ---apt policy samba
--- End code ---
https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7494.html
bitsnpcs:
I posted about this a few weeks ago on the forum, same port, same method.
One other member, @paul1149 ( I think) who replied had noticed the same and also fixed his.
Although I knew no technical info about it until I received the news from Google to the phone today one of which was the Reuters article published today.
So as it was more accurate and contained useful info that was easier to understand than my post was, I thought it would be useful to post the link and let people decide what to do, or read more on.
Also @Ottawagrant in the hope people like yourself add useful links so we can to learn more info. :)
Ottawagrant:
Read about this the other day. Very, very important that you check what (samba) processes are running as root on your computer:
https://arstechnica.com/security/2017/05/a-wormable-code-execution-bug-has-lurked-in-samba-for-7-years-patch-now/
https://community.rapid7.com/community/infosec/blog/2017/05/25/patching-cve-2017-7494-in-samba-it-s-the-circle-of-life
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version