U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Samba Remote Code Execution Vulnerability

Original release date: February 24, 2015

Linux and Unix based operating systems employing Samba versions 3.5.0 through 4.2.0rc4 contain a vulnerability in the Server Message Block daemon (smbd). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT recommends users and administrators refer to their respective Linux OS vendor(s) for an appropriate patch if affected. Patches are currently available from Debian, Red Hat, Suse, and Ubuntu. A Samba patch is available for experienced users and administrators to implement.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top