Author Topic: CVE-2015-0240 samba (Read 3333 times)

superkoe · « **on:** March 07, 2015, 05:43:12 am »

When will there be a patch for the smb implementation for the almond+. it's one of the biggest holes in samba ever and a potential threat for my entire network
details http://www.cvedetails.com/cve/CVE-2015-0240/

tt4me · « **Reply #1 on:** March 07, 2015, 08:20:35 am »

Ok I read through that link, but am not quite understanding. I get that it needs to be patched, but can you help me understand how using Samba with this not patched could jeopardize my entire network?

I guess my real question is, would the threat be coming from inside my network or outside?

Thanks for the clarification.

xaminmo · « **Reply #2 on:** March 07, 2015, 06:25:19 pm »

The risk is from anywhere that can reach the Samba ports on the A+. That's usually inside/private network only, which is a risk if any of your hosts *could* be compromised, such as a friend's laptop when they come over to play games.

Based on the vintage of Almond+'s filesets, I would say this is probably low priority. A+ is not an OpenWRT build with packages added. It's a complete fork, with most versions dating from 2011-2013. Since Securifi forked Openwrt, it won't be a matter of just refreshing source and applying packages. They'll have to reproduce a lot of the dev effort that happens on the opensource community to upgrade packages.

There's only so much dev effort, and they're still working on basic functionality.

If you wanted to build the package yourself, this was fixed in Samba 3.6.25 from 2015-02-23: https://www.samba.org/samba/security/CVE-2015-0240 .

OpenWrt included this in Barrier Breaker 14.07 r44516 on 2015-02-24: https://dev.openwrt.org/changeset/44516

The Barier Breaker packages won't run on the A+, so you'll probably want to start with the A+ GPL code bundle from http://firmware.securifi.com/gpl/AP2-GPL.tar.gz .

There might be compatibility with packages built for Backfire 10.0.3.1, but I couldn't find anywhere that maintains backports for that.
There's more info about building on OpenWRT at: http://wiki.openwrt.org/doc/packages

tt4me · « **Reply #3 on:** March 07, 2015, 06:50:02 pm »

Thanks for the information. Fortunately that's not an issue for me as I don't allow others on my network.

matt · « **Reply #4 on:** March 10, 2015, 12:35:18 pm »

Or even if you do, you could only allow from certain IPs (less secure, but fine unless your friends are actively malicious) or use the Guest Network if that meets your requirements (or have separate VLANs if that gets implemented). The whole old fork thing is unfortunate though. I just wonder how major the kernel changes are, if only I had time to look into it (alas I think they have some closed source code too).

LGNilsson · « **Reply #5 on:** March 20, 2015, 07:06:36 am »

We're updating to 3.6.5 at the moment, but it won't make R071, as that's just around the corner.
Problem is, the Samba guys found another nasty issue last month, so we're going to have to look at moving to 3.6.25 at some point as well.

Author Topic: CVE-2015-0240 samba (Read 3333 times)

superkoe

CVE-2015-0240 samba

tt4me

Re: CVE-2015-0240 samba

xaminmo

Re: CVE-2015-0240 samba

tt4me

Re: CVE-2015-0240 samba

matt

Re: CVE-2015-0240 samba

LGNilsson

Re: CVE-2015-0240 samba