Two Critical Vulnerabilities Patched in Samba
Target: Samba software on Linux and Windows systems
Attack Vector: Exploitation of two vulnerabilities, CVE-2018-1050 & CVE-2018-1057
Summary: New versions of the popular open source networking software Samba have been issued to fix two critical flaws. The patches were issued for both the Windows and Linux versions and closed the scope for remote attackers to launch a DoS attack against servers running Samba, or allow a threat actor to change user passwords.
Due to its availability on Windows and Linux, companies using both operating systems often use the software to link together various types of operations.
Risk assessment summary: The threat is assessed as 4d LOW. While DoS attacks are more difficult to defend against than a typical piece of malware, the way the attack is delivered makes it unlikely to be exploited in the wild. It only affects the print spooler, significantly limiting the damage that can be done. Furthermore, both vulnerabilities have workarounds that can be put in place should a company need to delay patching the flaws. However, a certain amount of risk remains as it is possible for a threat actor to change another user’s password with little skill, potentially providing an opportunity for further attacks. While these vulnerabilities have not been exploited in the wild, the continuing problems with the Samba software make the chances of future issues possible.