BLSA-2017:0058 – [Important] samba4 security advisory and remediation

    Problem description

    A serious vulnerability has recently been disclosed in samba4, dubbed the Linux version of the "EternalBlue" remote code execution vulnerability (CVE-2017-7494). Starting from the privileges of a Samba user who can write to a share, it escalates to root on the server hosting Samba, so a malicious attacker can exploit it to execute arbitrary code remotely. To harden affected systems, all affected users are advised to install the update packages provided by BCLinux, which contain the patches that fix this vulnerability.

    About Samba
    Samba is free software that implements the SMB protocol on Linux and UNIX systems; it consists of a server and client programs. SMB (Server Message Block) is a communication protocol for sharing files and printers on a local area network: it lets the different computers on a LAN share resources such as files and printers (samba4 is the 4.0 version of Samba).

    Linux "EternalBlue" remote code execution vulnerability
    The vulnerability assigned CVE-2017-7494 is known as the Linux version of the "EternalBlue" remote code execution vulnerability; it has existed for more than seven years. An attacker can take control of an affected host with the corresponding exploit once the following conditions are met:

    • port 445 (file and printer sharing) is open to the Internet, so that the vulnerable host can be reached through it;
    • a shared directory is configured as writable;
    • the attacker knows or can guess the path of the corresponding file.

    When all three conditions hold, a remote attacker can craft malicious code and have it executed on the server. Depending on the vulnerable platform, this may yield root privileges on the vulnerable machine.

    Affected versions

    • BigCloud Enterprise Linux 6
    • Red Hat Enterprise Linux 6
    • CentOS Linux 6

    Details

    • CVE-2017-7494 [Important]
      A remote arbitrary code execution vulnerability was recently found in Samba. An authenticated malicious Samba client that can write to a Samba share can exploit it to execute arbitrary code remotely as root.

    Solution

    The official BCLinux repository now provides updated samba4 packages; affected BCLinux 6 users should upgrade to version 4.2.10-10.el6.

    1. Check the YUM repository configuration and make sure the official BCLinux YUM repositories are in use

    [root@BCLinux ~]# ll /etc/yum.repos.d/
    total 12
    -rw-r--r--. 1 root root  969 Nov 16  2015 BCLinux-Base.repo
    -rw-r--r--. 1 root root 1053 Nov 16  2015 BCLinux-Source.repo
    -rw-r--r--. 1 root root 1184 Nov 16  2015 BigCloud.repo
    

    2. Install the update

    [root@BCLinux ~]# yum update samba4
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    Setting up Update Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package samba4.x86_64 0:4.0.0-58.el6.rc4 will be updated
    ---> Package samba4.x86_64 0:4.2.10-10.el6 will be an update
    --> Processing Dependency: samba4-libs = 4.2.10-10.el6 for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: samba4-common = 4.2.10-10.el6 for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libxattr-tdb-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libutil-tdb-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libutil-reg-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsocket-blocking-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmbregistry-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmbd-shim-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmbd-base-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmb-transport-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsecrets3-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba3-util-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-sockets-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-security-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-passdb.so.0(SAMBA_PASSDB_0.2.0)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-debug-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-cluster-support-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libreplace-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libpopt-samba3-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libndr-samba-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: liblibsmb-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libgse-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: liberrors-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libdbwrap-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcliauth-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcli-smb-common-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcli-nbt-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcli-cldap-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libccan-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libauth-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libCHARSET3-samba4.so(SAMBA_4.2.10)(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libxattr-tdb-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libutil-tdb-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libutil-reg-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsocket-blocking-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmbregistry-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmbd-shim-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmbd-base-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsmb-transport-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsecrets3-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba3-util-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-sockets-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-security-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-passdb.so.0()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-debug-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libsamba-cluster-support-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libreplace-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libpopt-samba3-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libndr-samba-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: liblibsmb-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libgse-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: liberrors-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libdbwrap-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcliauth-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcli-smb-common-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcli-nbt-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libcli-cldap-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libccan-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libauth-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Processing Dependency: libCHARSET3-samba4.so()(64bit) for package: samba4-4.2.10-10.el6.x86_64
    --> Running transaction check
    ---> Package samba4-common.x86_64 0:4.0.0-58.el6.rc4 will be updated
    ---> Package samba4-common.x86_64 0:4.2.10-10.el6 will be an update
    ---> Package samba4-libs.x86_64 0:4.0.0-58.el6.rc4 will be updated
    ---> Package samba4-libs.x86_64 0:4.2.10-10.el6 will be an update
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ===============================================================================================================================================
     Package                              Arch                          Version                               Repository                      Size
    ===============================================================================================================================================
    Updating:
     samba4                               x86_64                        4.2.10-10.el6                         updates                        426 k
    Updating for dependencies:
     samba4-common                        x86_64                        4.2.10-10.el6                         updates                        645 k
     samba4-libs                          x86_64                        4.2.10-10.el6                         updates                        4.4 M
    
    Transaction Summary
    ===============================================================================================================================================
    Upgrade       3 Package(s)
    
    Total download size: 5.4 M
    Is this ok [y/N]: y
    

    3. Verify the installed version

    [root@BCLinux ~]# rpm -q samba4
    samba4-4.2.10-10.el6.x86_64
    

    4. Restart the service

    After installing the update packages, restart the service for the update to take effect.
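    A small post-patch check covering step 3 and the writable-share precondition from the vulnerability description above, as an added example (not BCLinux's own tooling). It assumes `rpm -q samba4` output in the form shown in step 3 and a standard smb.conf layout; the sample smb.conf and the version comparison logic are constructed here, and the comparison is a simplified form of rpm's own, labelled as such in the code.

```python
# Added example for BLSA-2017:0058 (CVE-2017-7494); not BCLinux's own tooling.
import re

FIXED_VERSION, FIXED_RELEASE = "4.2.10", "10.el6"   # fixed build named in the advisory

# Constructed sample smb.conf (not from the page): two writable shares, one read-only.
SAMPLE_SMB_CONF = """[global]
   workgroup = WORKGROUP
[public]
   read only = no
[docs]
   writable = yes
[archive]
   read only = yes
"""

def rpmvercmp(a, b):
    """Simplified rpmvercmp (no tilde/caret): digit runs compare numerically and beat alpha runs; longer wins ties."""
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        kx = (1, int(x)) if x.isdigit() else (0, x)   # (kind, value) so digits > alpha
        ky = (1, int(y)) if y.isdigit() else (0, y)
        if kx != ky:
            return 1 if kx > ky else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_fixed(rpm_q_line):
    """True when an `rpm -q samba4` line like 'samba4-4.2.10-10.el6.x86_64' is at or above the fixed build."""
    m = re.match(r"^samba4-([^-]+)-(.+)\.\w+$", rpm_q_line.strip())
    if not m:
        raise ValueError("unexpected rpm -q output: %r" % rpm_q_line)
    # version decides; the release field breaks ties
    return (rpmvercmp(m.group(1), FIXED_VERSION)
            or rpmvercmp(m.group(2), FIXED_RELEASE)) >= 0

def writable_shares(smb_conf_text):
    """Share names smb.conf makes writable ('writable'/'writeable = yes' or 'read only = no')."""
    shares, name, writable = [], None, False
    # the "[end]" sentinel flushes the last section through the header branch
    for line in (ln.strip() for ln in smb_conf_text.splitlines() + ["[end]"]):
        if not line or line[0] in "#;":           # Samba comment lines
            continue
        if line[0] == "[" and line[-1] == "]":    # section header: flush previous
            if name and name != "global" and writable:
                shares.append(name)
            name, writable = line[1:-1].strip(), False
        elif "=" in line:
            key, val = (p.strip().lower() for p in line.split("=", 1))
            if key in ("writable", "writeable"):
                writable = val in ("yes", "true", "1")
            elif key == "read only":
                writable = val in ("no", "false", "0")
    return shares
```

    Feed `is_fixed` the line printed by `rpm -q samba4` and `writable_shares` the contents of /etc/samba/smb.conf; a host that reports False from the first while the second returns any share still meets the writable-share precondition described above.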

    External links

    1. BCLinux security updates