Quantum Product Support

SambaCry Vulnerability


Summary

CVE-2017-749

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.


Unaffected Quantum Products

The following Quantum products are known to be unaffected by the Samba vulnerability.

  • Scalar Key Manager
  • Scalar Tape Libraries
  • Lattus (C5, A10, S10, S20, S30)
  • StorNext Software
  • Vision
  • Xcellis Application Director

Vulnerable Quantum Products

Versions of the following Quantum products are known to be affected by the Samba vulnerability.

  • DXi running version 1.4.3+
  • Scalar LTFS
  • StorNext Appliances with NAS licensed
  • vmPRO

Impact

Malicious clients can upload and cause the smbd server to execute a shared library from a writable share.

Solution

Patches to Quantum software and firmware are in progress; please contact your Quantum service representative for the latest status on availability.

  • For StorNext Appliances with NAS licensed, customers can work around the issue immediately by setting the nt pipe support SMB option to no until the next patch release is available. This prevents clients from accessing any named pipe endpoints. Note that this can disable some expected functionality for Windows clients:
    1. To set this SMB option, log into the Console Command Line (see the StorNext NAS Documentation Center at http://qsupport.quantum.com/kb/flare/Content/stornext/SNNAS_Docsite/NAS%20CLI%20Guide/NAS_CLI_AccessCCL.htm) and issue the following commands:

      reg set cifs.config.global.nt_pipe_support = no
      share change smb global log level = 1
      share change smb global log level = 0


      If you have configured NAS to run in a cluster, these commands only need to be issued from the master node of the cluster.
    2. You can determine which node is the master node by running the nascluster show command from the Console CLI.
      The Master IP is shown in the output. Here is sample output:

      NAS Cluster IP: 10.20.72.154/eth0, Master: Yes, SNFS Root: /stornext/home, Joined: Yes
      Load balancing: leastconn
      NFS-HA: Disabled
      Master IP: 10.20.72.154
      VIP: 10.20.67.29 active
      Nodes: 3
      1: 10.20.72.154 (Joined)
      2: 10.20.71.234 (Joined)
      3: 10.20.86.111 (Joined)


  • For vmPRO, customers can work around the issue immediately by setting the nt pipe support SMB option to no. This prevents clients from accessing any named pipe endpoints. Note that this can disable some expected functionality for Windows clients:
    1. To set this SMB option, log into the panshell and issue the following command:

      reg set cifs.config.global.nt_pipe_support = no

    2. From the panshell, restart the smbd service:

      system restart services

  • For DXi, customers can work around the issue immediately by opening a Service Request with Quantum to have Service set the nt pipe support SMB option to no. This prevents clients from accessing any named pipe endpoints. Note that this can disable some expected functionality for Windows clients.
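The workaround above is Samba's own nt pipe support global option; on a plain Samba host it lives in smb.conf rather than behind the reg set command. The following shell script is an added example, not Quantum's tooling, and assumes stock smbd and testparm binaries: it reports whether the local Samba version is in the range the advisory describes as affected (3.5.0 onwards) and whether the workaround is already in effect in [global].

```shell
#!/bin/sh
# Added example, not part of the Quantum advisory. Checks a stock Samba host
# (smb.conf layout, not the Quantum appliance CLIs above) for the two facts
# the advisory hinges on: a version of 3.5.0 or later, and whether the
# "nt pipe support = no" workaround is set in the [global] section.

# Return 0 if the version string (e.g. "Version 4.5.10-Debian") is >= 3.5.0.
samba_version_in_affected_range() {
    ver=$(printf '%s' "$1" | sed 's/^[^0-9]*//; s/[^0-9.].*//')
    maj=${ver%%.*}
    rest=${ver#*.}
    [ "$rest" = "$ver" ] && rest=0          # no minor component present
    min=${rest%%.*}
    [ "${maj:-0}" -gt 3 ] && return 0
    [ "${maj:-0}" -eq 3 ] && [ "${min:-0}" -ge 5 ] && return 0
    return 1
}

# Read smb.conf text on stdin; return 0 only if [global] sets nt pipe support
# to no. Samba ignores case and whitespace in parameter names, so do the same.
workaround_active() {
    awk '
        /^[[:space:]]*[;#]/ { next }                       # comment line
        /^[[:space:]]*\[/ { sec = tolower($0); gsub(/[^a-z0-9_-]/, "", sec); next }
        sec == "global" && /=/ {
            name = $0; sub(/=.*/, "", name); gsub(/[[:space:]]/, "", name)
            val  = $0; sub(/^[^=]*=/, "", val); gsub(/[[:space:]]/, "", val)
            if (tolower(name) == "ntpipesupport") { found = 1; setting = tolower(val) }
        }
        END {
            if (found && (setting == "no" || setting == "false" || setting == "0")) exit 0
            exit 1
        }'
}

# Run both checks against the local installation (needs smbd and testparm).
check_local_samba() {
    v=$(smbd --version 2>/dev/null) || { echo "smbd not found"; return 2; }
    if ! samba_version_in_affected_range "$v"; then
        echo "$v: below 3.5.0, outside the affected range"; return 0
    fi
    if testparm -s 2>/dev/null | workaround_active; then
        echo "$v: affected range, but nt pipe support = no is set in [global]"
        return 0
    fi
    echo "$v: affected range and workaround not set; patch or disable nt pipe support"
    return 1
}
```

testparm -s prints only explicitly configured parameters, which is enough here because nt pipe support defaults to yes and only appears when an administrator has set it.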

Contact Information

In the US, call 800-284-5101. In Europe, call toll free +800-7826-8888 or direct +49 6131 324 185. You will need your system serial number. For additional contact information, go to http://www.quantum.com/serviceandsupport/get-help/index.aspx#contact-support