Web lists-archives.com

Re: [Samba] CIFS Null Session Vulnerability Fix in Samba 3.5.10




Am Donnerstag, 26. April 2018, 14:25:52 CEST schrieb Shashi Kanth 
Boddula via samba:
> Hello Rowland,
> 
> I do not have support contract with RedHat, and due to some
> application dependency i have to be on 5.8. No choice for me to
> upgrade the OS. I have choice to upgrade Samba from 3.5 to 3.6.6
> through RPMs, but i am not really sure whether it solves my core
> issue.
> Coming back to my original query " CIFS Null Session  vulnerability ",
> just i would like to understand whether any smb3.conf parameters
> which can help me here, or this is something a known issue which is
> not implemented in complete 3.X versions, or only 4.X versions can
> solve this issue. Please let me know.
Hi Shashi,
I am just a samba user not a developer. Your antique redhat version has 
support for kvm. So you may install a rpm based distri i.e. centos or fedora 
in a vm. Before you decide which os you install check for the avaiability of 
samba 4.7.7 or 4.8.1 package.

kvm based vm can operate with near native speed of the underlying 
hardware.

-- 

Regards
	Harry Jede
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba