From: "O. Hartmann"
To: Dimitry Andric
Cc: "O. Hartmann", freebsd-security@freebsd.org
Subject: Re: Samba CVE-2017-7494 and SMB implementation of FreeBSD 10 through 12
Date: Tue, 30 May 2017 19:16:12 +0200
Message-ID: <20170530191612.71ab88b5@thor.intern.walstatt.dynvpn.de>
References: <20170530185559.2b94ca1b@thor.intern.walstatt.dynvpn.de>
List-Id: "Security issues [members-only posting]" (freebsd-security@freebsd.org)

On Tue, 30 May 2017 19:14:42 +0200, Dimitry Andric wrote:

> On 30 May 2017, at 18:55, O. Hartmann wrote:
> >
> > On Mon, 29 May 2017 23:47:46 +0200, Dimitry Andric wrote:
> >
> >> On 29 May 2017, at 18:53, Darko Gavrilovic wrote:
> >>>
> >>> Hello, does anyone know, or is anyone able to confirm, if Samba CVE-2017-7494
> >>> affects Samba 3.6.25 on FreeBSD 9.x?
> >>>
> >>> https://lists.samba.org/archive/samba-announce/2017/000406.html
> >>
> >> The advisory very clearly says "all versions of Samba from 3.5.0
> >> onwards", so yes. In addition, the 3.x series is dead, and completely
> >> unsupported. It is probably wise to upgrade, for example to 4.6.4.
> >>
> >> -Dimitry
> >
> > I'm just curious and want to have an answer at hand for my superiors:
> >
> > FreeBSD has an SMB implementation we utilise with FreeBSD 10.3 and 11.0. Is FreeBSD's
> > implementation somehow affected by the bug revealed in Samba >= 3.6.25?
>
> If you mean smbfs, then that is an SMB *client* only, not a server.
> CVE-2017-7494 is specifically about an exploitable bug in Samba's SMB
> server component. FreeBSD does not provide any SMB server in the base
> system.
>
> That said, I don't know whether there are any security bugs in our smbfs
> client implementation. It is really a completely different matter. The
> code seems to have been largely unmaintained for years, though, so
> purely on that basis it does not inspire a great deal of confidence.
>
> -Dimitry

Thank you very much for these clear words!

Oliver

--
O. Hartmann

I object to the use or transmission of my data for advertising purposes or for market or opinion research (§ 28 para. 4 BDSG).
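An added example, not part of the thread above: a shell inventory check a FreeBSD administrator could run to apply the two points Dimitry makes (every Samba from 3.5.0 onwards is in the advisory's range, and smbfs is a client only, so exposure can only come from a Samba port or package). It assumes pkg(8), kldstat(8) and sockstat(1) are available, and uses 4.6.4, the only fixed release this page names, as the comparison threshold; the `vercmp`, `samba_status` and `check_host` names are this example's own.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread). Encodes only what the page
# states: Samba >= 3.5.0 is affected by CVE-2017-7494 and 4.6.4 is a fixed
# release to upgrade to. A loaded smbfs module is reported as informational,
# since it is the SMB client, not the server component the CVE covers.

# Compare two dotted numeric versions; prints -1, 0 or 1 (like strcmp).
vercmp() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*} y=${b%%.*}
        if [ "$a" = "${a#*.}" ]; then a=; else a=${a#*.}; fi
        if [ "$b" = "${b#*.}" ]; then b=; else b=${b#*.}; fi
        case $x in ''|*[!0-9]*) x=0;; esac   # non-numeric component counts as 0
        case $y in ''|*[!0-9]*) y=0;; esac
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return 0; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# Classify an installed Samba server version against the advisory as quoted
# above. Prints pre-3.5.0 (outside the stated range), fixed (>= 4.6.4) or
# affected. The page names only 4.6.4 as fixed, so a patched release on another
# branch would still show as "affected" here and must be checked by hand.
samba_status() {
    v=${1%%_*}   # drop the FreeBSD pkg revision suffix, e.g. 4.6.4_1 -> 4.6.4
    if [ "$(vercmp "$v" 3.5.0)" -lt 0 ]; then printf '%s\n' pre-3.5.0
    elif [ "$(vercmp "$v" 4.6.4)" -ge 0 ]; then printf '%s\n' fixed
    else printf '%s\n' affected
    fi
}

# Inventory the local FreeBSD host (assumes pkg(8), kldstat(8), sockstat(1)).
check_host() {
    pkg query -g '%n-%v' 'samba*' 2>/dev/null | while read -r p; do
        echo "package $p: $(samba_status "${p##*-}")"
    done
    if kldstat -q -m smbfs 2>/dev/null; then
        echo "smbfs loaded: SMB client only, not the server component this CVE covers"
    fi
    # A TCP 445 listener can only come from a port or package, never from base.
    sockstat -4 -l 2>/dev/null | awk '$6 ~ /:445$/ { print "SMB listener:", $2 }'
}

if [ "$(uname -s)" = FreeBSD ]; then check_host; fi
```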