Ubuntu Samba安全漏洞修复处理方法。
漏洞信息:
The version of Samba running on the remote host is 4.13.x prior to 4.13.17, 4.14.x prior to 4.14.12, or 4.15.x prior to 4.15.5. It is, therefore, affected by multiple vulnerabilities:

  • Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution. (CVE-2021-44142)
  • Information leak via symlinks of existence of files or directories outside of the exported share. (CVE-2021-44141)
  • Samba AD users with permission to write to an account can impersonate arbitrary services. (CVE-2022-0336)

Solution
Upgrade to Samba version 4.13.17, 4.14.12, or 4.15.5 or later.

其实很简单,就是将现在samba的版本升级到4.15.5即可。

方法一:在线升级

确认Ubuntu可以正常连接外网的情况下,执行:
更新软件源:

apt-get update

更新samba:

sudo apt-get install samba

或者

sudo apt-get upgrade samba

注意检查samba更新后的参数:

[shared]
path=/home/sambatest
writable=yes
public=yes
browseable=yes
available=yes

重启服务生效:

sudo /etc/init.d/smbd  restart

或者

sudo systemctl  start samba.service

方法二:离线升级

首先至官网下载指定版本的samba安装文件

https://download.samba.org/pub/samba/stable/

d04ef3f1c32344e0a4ce78fa3bf34d01.png

通过winscp上传到Ubuntu后,进行安装即可。

以上就是Ubuntu samba漏洞修复的处理过程。希望帮助到大家。

samba安全通告链接参考如下:

https://www.samba.org/samba/history/security.html
https://www.samba.org/samba/security/CVE-2021-44141.html
https://www.samba.org/samba/security/CVE-2021-44142.html
https://www.samba.org/samba/security/CVE-2022-0336.html

来源:https://blog.csdn.net/weixin_37813152/article/details/123201972

标签: Ubuntu, Samba

添加新评论