New Case Study: Threat Hunter finds renamed system utilities by file hash to uncover multiple attacks   

Read Case Study


CVE-2021-44142 Announced as Critical Samba Vulnerability

February 2, 2022

CVE-2021-44142, announced after responsible disclosure practices were followed and a full patch made available, was reported by the Samba team as a CVSS 9.9 vulnerability. All versions of Samba prior to 4.13.17, 4.4.12, and 4.4.15 (which are the newest security releases) are affected. Samba is a Linux SMB/CIFS file sharing service that establishes compatibility with Microsoft and Apple SMB implementations. The vulnerability allows for arbitrary remote code execution (RCE) on Samba installations that are deployed with the default configurations for the VFS_fruit module, which establishes compatibility with Apple SMB clients. Workarounds exist by changing the default configuration of fruit_metadata=netatalk or fruit_resource=file

in the /etc/samba/smb.conf file, or by deleting the VFS_fruit module.