Samba is the standard in many networked environments when it comes to connecting Linux servers with Windows PCs to workstations. In this respect, the current problem should affect a fairly large number of companies and organizations. Information about the bug was released by the Samba development team itself – in conjunction with the appropriate patches.
The problem, therefore, affects Samba versions of the 4 Series. Depending on the state of the variant used, it should be ensured that after installing the update version numbers 4.5.16, 4.6.14 or 4.7.6 are reached. These already contain the patches for error correction.For all Samba variants before 4.5 there are also patches, which must be downloaded and installed individually.
The bug was fixed in the LDAP module of the Samba server, which replicates the directory service of Microsoft’s Windows server. Here, among other things, the login data of the users are managed for a domain. It is currently unclear whether the bug is already being exploited in practice to give attackers access to appropriate systems. The wiki on the software already gives hints on how to detect this in case of doubt.
The main problem here is that it does not necessarily have to be a bad-faith employee who penetrates the corporate network. Often enough, employees also use far too simple passwords or are otherwise inattentive, so that even external criminals could gain access to a user account. They would then be able to penetrate deep into the network.