/build/static/layout/Breadcrumb_cap_w.png

Samba CVE-2012-1182, the K1000 and the K2000

On April 10, 2012, the developers of Samba revealed a remote code execution vulnerability with potentially serious security consequences.  The vulnerability is described in detail at https://www.samba.org/samba/security/CVE-2012-1182. The version of Samba used in KACE K-Series appliances contains the vulnerability.

The Dell KACE team is preparing an update to each appliance that will upgrade Samba to a compatible version which does not contain the vulnerability.  We hope to have that update ready soon.

In the meantime, there are precautions that can be taken to mitigate the potential vulnerability:

Dell KACE K1000 and VK1000 Systems Management Appliances, all versions:

Samba file shares are only necessary for provisioning the K1000 agent.  If your security team recommends the disablement of Samba until a patch is available, you can provision the agent through other mechanisms.  Samba can be disabled by logging into the web admin console and navigating to Settings/Control Panel/K1000 Security Settings and unchecking the box for "Enable File Sharing" under "Samba Share Settings".

Dell KACE K2000 and VK2000 Systems Deployment Appliances, all versions:

Samba shares are an integral part of K2000 and VK2000 functionality, and cannot be manually disabled.  Dell KACE recommends that access to appliance Samba shares be limited by means of physical and network security to mitigate this possible vulnerability until the security update is available from Dell KACE. 


Customers with questions or concerns may contact Dell KACE support or reply in this thread.  I'll do my best to answer your questions and update this thread as more information becomes available.
 

 


Comments

  • I have had a few questions regarding this issue.
    1. Was this information released to the news feed on the K1000 or the news feed on KACE.com?
    2. Has the samba security patch for the K2000 been made available? If so, will it be added to the download site? - Moncus 9 years ago
  • I see no release notes for this patch, so my question is...what patch do I install for my K1000 when it comes to 32-bit or 64-bit? This is an appliance running it's own OS so I'm not sure how to check on which version I need. - ACAST 9 years ago
    • Never mind, I found another post that answers this. - ACAST 9 years ago
  • Here is a link to the article mentioned above by ACAST:

    How to tell if your K1000 is 32 bit or 64 bit

    http://www.itninja.com/blog/view/how-to-tell-if-your-k1000-is-32-bit-or-64-bit - Moncus 9 years ago
This post is locked

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ