OpenWrt Forum Archive

Topic: Is SAMBA in OpenWRT vulnerable to CVE-2017-7494 ? (wormable hole)

The content of this topic has been archived on 2 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

https://www.samba.org/samba/security/CVE-2017-7494.html

Can someone on the list speak to whether OpenWRT trunk needs a patched / updated SAMBA or not?

The version I have on a router with DD (bleeding edge from a while ago) is 3.6.25-5.
The advisory notes all versions since 3.5.0 are vulnerable.

A workaround is noted:
in smbd.conf:
nt pipe support = no

q: if OpenWRT is vulnerable, does this workaround mitigate the vulnerability until a new patched SAMBA is incorporated?

Thankyou, wigyori!

The discussion might have continued from here.