DD-WRT :: View topic

SambaCry?

DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)

Author

Message

Cantenna
DD-WRT User

Joined: 28 Feb 2011
Posts: 125

Posted: Thu Jul 27, 2017 18:44 Post subject: SambaCry?
anyone know if the samba patch has been appled in the BS kernels yet? https://f5.com/labs/articles/threat-intelligence/cyber-security/sambacry-the-linux-sequel-to-wannacry

Sponsor

Cantenna
DD-WRT User

Joined: 28 Feb 2011
Posts: 125

Posted: Fri Jul 28, 2017 21:17 Post subject:
Well, I take it then that ddwrt is vulnerable to this exploit if samba is used.

ATHF
DD-WRT Guru

Joined: 14 Dec 2015
Posts: 774
Location: 127.0.0.1

Posted: Mon Jul 31, 2017 5:20 Post subject:

All I can find about samba or smbd is here http://svn.dd-wrt.com/changeset/26342/src/router/samba36/WHATSNEW.txt

Not sure if it has been updated.
_________________
Tutorial for flashing WRT series
WRT Installation,Upgrade & Basic Setup–Cliff Notes
r52242: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), r52242 WRT1900ACv1 AP
Velop:2 WHW0101, RE6500, RE9000(AP)
Spectrum - 1000/50
SysLog Watcher 5, New security Onion box coming soon, Fingboxes, PiHoles, NEMS, Cacti, rpisurv

Cantenna
DD-WRT User

Joined: 28 Feb 2011
Posts: 125

Posted: Mon Jul 31, 2017 6:14 Post subject:

ATHF wrote:

All I can find about samba or smbd is here http://svn.dd-wrt.com/changeset/26342/src/router/samba36/WHATSNEW.txt

Not sure if it has been updated.

thanks m8, yes, were looking for mention of SambaCry CVE-2017-7494.

here mention of current samba version used;
http://svn.dd-wrt.com/changeset/32136

And info regarding the vulnerability;
https://f5.com/labs/articles/threat-intelligence/cyber-security/sambacry-the-linux-sequel-to-wannacry

Hope noone is using samba commercially...

128bit
DD-WRT User

Joined: 03 May 2017
Posts: 132
Location: NC, USA

Posted: Mon Jul 31, 2017 8:22 Post subject:

Cantenna wrote:

ATHF wrote:

All I can find about samba or smbd is here http://svn.dd-wrt.com/changeset/26342/src/router/samba36/WHATSNEW.txt

Not sure if it has been updated.

great write-up on that 2nd url. i use samba but it's all intranet, and there is no external access. would be great to learn if this vulnerability is on mr. bslayer's build list.

. . . much appreciated.
_________________
asus rt-ac86u stock: 3.0.0.4.384_45149
wrt3200acm: r34578 {sunset}
"why nibble when u can take a byte."

Cantenna
DD-WRT User

Joined: 28 Feb 2011
Posts: 125

Posted: Wed Aug 02, 2017 4:53 Post subject:
Yes, would like to know as well:) I too also you for personal so not to worried... but do hope for a fix soon.

Cantenna
DD-WRT User

Joined: 28 Feb 2011
Posts: 125

Posted: Mon Aug 14, 2017 13:17 Post subject:
A hacker having secured root privileges on a router presents a far greater risk then just a compromised client computer on the network... And with this bug in the wild, once a clients computer becomes compromised, so does the router.

Display posts from previous:

Page 1 of 1

DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)

All times are GMT

Navigation

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Log in

SambaCry?

Quick Links

Log in