Samba is a free software re-implementation of the SMB/CIFS networking protocol. It provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain.
However, Samba has a remote code execution vulnerability. Attackers may exploit the vulnerability to construct a malicious request packet and attack the Samba system remotely without going through any request verification.
Samba 3.5.0 to 4.2.0rc4
Upgrade Samba to the latest version.
In addition, you can add the following command to the
smb.conffile of Samba 4.0.0 or above (not applicable to 3.6.x and earlier versions).
Note: To guarantee normal operation of the application, run a test in the test environment first before upgrading the software.