T-024: Vulnerability in Server Message Block (SMB)
A remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol handles NTLM credentials when a user connects to an attacker's SMB server. This vulnerability allows an attacker to replay the user's credentials back to them and execute code in the context of the logged-on user. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
Hello,
I have problems seting up SMB server in Solaris 11.3.
I had SMB working previously on Solaris 11 (updated to 11.3), but a bad harddisk crash forced me to install Solaris again from scratch and I cannot get it working properly.
I have imported the previous zfs pool with share.smb set... (7 Replies)
All I'm running an OpenSolaris system (Nexenta). When doing a svcs I see that/network/smb/server is in maintenance mode.
I have run a clear on the service and restarted. I see the same service show online* for a bit but then, enters maintenance every time.
In the service log I... (2 Replies)
smbfs(7FS) File Systems smbfs(7FS)NAME
smbfs - CIFS/SMB file system
DESCRIPTION
The smbfs file system allows you to mount CIFS shares that are exported from Windows or compatible systems. SMB is the historical name for
the CIFS protocol, which stands for Server Message Block and is more commonly used in technical contexts.
The smbfs file system permits ordinary UNIX applications to change directory into an smbfs mount and perform simple file and directory
operations. Supported operations include open, close, read, write, rename, delete, mkdir, rmdir and ls.
Limitations
Some local UNIX file systems (for example UFS) have features that are not supported by smbfs. These include:
o A server disconnect is not automatically reconnected.
o No mapped-file access because mmap(2) returns ENOSYS.
o Locking is local only and is not sent to the server.
The following are limitations in the CIFS protocol:
o unlink() or rename() of open files returns EBUSY.
o rename() of extended attribute files returns EINVAL.
o Creation of files with any of the following illegal characters returns EINVAL: colon (:), backslash (), slash (/), asterisk
(*), question mark (?), double quote ("), less than (<), greater than (>), and vertical bar (|).
o chmod and chown settings are silently discarded.
o Links are not supported.
o Symbolic links are not supported.
o mknod is not supported. (Only file and directory objects are supported.)
The current smbfs implementation does not support multi-user mounts. Instead, each Unix user needs to make their own private mount points.
Currently, all access through an smbfs mount point uses the Windows credentials established by the user that ran the mount command. Nor-
mally, permissions on smbfs mount points should be 0700 to prevent Unix users from using each others' Windows credentials. See the diperms
option to mount_smbfs(1M) for details regarding how to control smbfs mount point permissions.
An important implication of this limitation is that system-wide mounts, such as those made using /etc/vfstab or automount maps are only
useful in cases where access control is not a concern, such as for public read-only resources.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-------------------------+---------------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-------------------------+---------------------------------+
|Availability | SUNWsmbfsu |
+-------------------------+---------------------------------+
|Interface Stability | Uncommitted |
+-------------------------+---------------------------------+
SEE ALSO smbutil(1), mount_smbfs(1M), nsmbrc(4), attributes(5)SunOS 5.11 3 Feb 2009 smbfs(7FS)