BMAC wrote:
> Folks
> Linux based Servers that Rapid7 has indicated have the CVE-2017-7494 vulnerability. The system does NOT have any shared file folders. The only shared Samba service is shared printers.
> The server vendor indicates that since the Linux based servers ONLY have "shared printers" it is not vulnerable to CVE-2017-7494 and does not need to be patched.
> The system is a contained print server that only the Print vendor has access to the OS. We cannot access it in any way other than through the web portal or sending print jobs to the print shares.
> Is the system still vulnerable to CVE-2017-7494?

In its current state, it appears that your system is not vulnerable to CVE-2017-7494. However, that does not mean that your system is safe; should someone change your Samba configuration to permit shared storage, your system would be vulnerable.

> Does the system still need to be patched to eliminate risk?

Yes, of course. There is a risk, identified by CVE-2017-7494. In your case, the risk seems small, but it still exists as a risk. If your policy is to patch systems to eliminate known risks, then you should patch your Samba installation.

> Thanks
--
Lew Pitcher
"In Skills, We Trust"
PGP public key available upon request
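
The reply's caveat is that the assessment holds only while the Samba configuration offers printers and nothing else. As an added example (not part of the original post), the Python below lists every share in an smb.conf that is not marked printable, so drift from "printers only" can be spotted; the sample configuration and the function names are constructed for illustration.

```python
# Added example: audit smb.conf text for shares that are not printer shares.
# SAMPLE_CONF is constructed; it is not taken from the poster's system.
TRUE, FALSE = {"yes", "true", "1", "on"}, {"no", "false", "0", "off"}
INVERTED = {"writable", "writeable", "writeok"}  # inverted synonyms of "read only"

SAMPLE_CONF = """
[global]
   workgroup = EXAMPLE
[printers]
   path = /var/spool/samba
   printable = yes
[print$]
   ; driver download share: a file share even on a print-only server
   path = /var/lib/samba/printers
   read only = yes
[scans]
   path = /srv/scans
   writeable = yes
"""

def parse_smb_conf(text):
    """Return {section: {param: value}} with synonyms folded together."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            # Samba ignores case and whitespace in parameter names.
            key, value = "".join(key.split()).lower(), value.strip().lower()
            if key == "printok":
                key = "printable"
            elif key in INVERTED:
                key = "readonly"
                value = "no" if value in TRUE else "yes" if value in FALSE else value
            current[key] = value  # a later setting overrides an earlier one
    return sections

def non_printer_shares(text):
    """List (share, writable) for every share that is not printable."""
    sections = parse_smb_conf(text)
    defaults = sections.pop("global", {})  # [global] supplies share defaults
    effective = {name: {**defaults, **p} for name, p in sections.items()}
    return [(name, p.get("readonly") in FALSE)
            for name, p in effective.items() if p.get("printable") not in TRUE]
```

On the constructed sample this reports `print$` as a read-only file share and `scans` as a writable one; an empty result means the configuration still exposes printers only.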