Because we haven't set fired SMBv1 into the Sun By Richard Chirgwin Posted in Security, 21st December 2017 04:56 GMT @DellEMC has patched an #SMBv1 bug in its @DataDomain #Deduplication and #DataProtection software. It's probably worth your time running the patch in, if you can, because as the advisory explained, it's a memory overflow that could open a system to remote code execution (RCE). CVE-2017-14385 affects quite a few versions of the system: the Data Domain DD OS 5.7 family prior to 5.7.5.6; 6.0 versions prior to 6.0.2.9; 6.1 versions prior to 6.1.0.21; all versions of Data Domain Virtual Edition in 2.0, 3.0 prior to 3.0 SP2 Update 1, and 3.1 prior to 3.1 Update 2. In its notice, Cisco expanded on the bug's impact: “An attacker could exploit this vulnerability by sending crafted SMBv1 packets to a targeted system. A successful exploit could trigger a memory overflow condition that the attacker could leverage to execute arbitrary code on the system. In addition, the attacker could also leverage this vulnerability to shut down the SMB service and Active Directory authentication, resulting in a DoS condition.” If you can't patch immediately, external traffic to the system can be blocked at the firewall. Patches are available to registered users here. ®
No comments:
Post a Comment