Re: Is a system with ONLY a printer share vulnerable to CVE-2017-7494

From Lew Pitcher <lew.pitcher@digitalfreehold.ca>
Newsgroups comp.protocols.smb
Subject Re: Is a system with ONLY a printer share vulnerable to CVE-2017-7494
Followup-To comp.protocols.smb
Date 2017-10-06 13:48 -0400
Organization The Pitcher Digital Freehold
Message-ID <or8flo$s1s$1@dont-email.me>
References <43bf5cee-3e34-4c2e-b789-034d671414d4@googlegroups.com>


BMAC wrote:

> Folks
> Linux based Servers that Rapid7 has indicated have the CVE-2017-7494
> vulnerability.  The system does NOT have any shared file folders. The only
> shared Samba service is shared printers.
> 
> The server vendor indicates that since the Linux based servers ONLY have
> "shared printers" it is not vulnerable to CVE-2017-7494 and does not need
> to be patched.
> 
> The system is a contained print server that only the Print vendor has
> access to the OS.  We cannot access it in any way other than through the
> web portal or sending print jobs to the print shares.
> 
> Is the system still vulnerable to CVE-2017-7494?

In its current state, it appears that your system is not vulnerable to 
CVE-2017-7494. However, that does not mean that your system is safe; should 
someone change your Samba configuration to permit shared storage, your 
system would be vulnerable.

> Does the system still need to be patched to eliminate risk?

Yes, of course. There is a risk, identified by CVE-2017-7494. In your case, 
the risk seems small, but it still exists as a risk. If your policy is to 
patch systems to eliminate known risks, then you should patch your Samba 
installation.

> 
> Thanks


-- 
Lew Pitcher
"In Skills, We Trust"
PGP public key available upon request
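
The reply's caveat is that the assessment holds only while the Samba configuration offers no file storage. As an added example (not part of the original post), the check below lists every smb.conf section that is not a printer share and whether it is writable; the sample configuration and function names are constructed, and "include" files and line continuations are not followed.

```python
# Added example: list smb.conf sections that offer file storage.
# SAMPLE_CONF is constructed for illustration; it is not from the post.
SAMPLE_CONF = """\
[global]
   workgroup = PRINTSRV
[printers]
   printable = yes
[scans]
   path = /srv/scans
   writeable = yes
[print$]
   path = /var/lib/samba/printers
   read only = yes
"""
TRUE = {"yes", "true", "on", "1"}  # Samba's truthy boolean spellings

def parse_sections(text):
    """Return {section: {param: value}}, names lower-cased, spaces dropped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current["".join(key.lower().split())] = value.strip().lower()
    return sections

def file_shares(text):
    """Return [(share, writable)] for each share that is not a printer share."""
    sections = parse_sections(text)
    defaults = sections.pop("global", {})
    found = []
    for name, own in sections.items():
        params = {**defaults, **own}  # [global] values act as share defaults
        printable = params.get("printable", params.get("printok", "no")) in TRUE
        if printable or name == "printers":
            continue
        writable = params.get("readonly", "yes") not in TRUE
        for synonym in ("writeable", "writable", "writeok"):  # inverted synonyms
            if synonym in params:
                writable = params[synonym] in TRUE
        found.append((name, writable))
    return found

if __name__ == "__main__":
    print(file_shares(SAMPLE_CONF))
```

Run against the output of `testparm -s` on a host you administer, an empty result means only printer shares are defined; the driver share `[print$]` is reported because it is a file share.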
