
Security ID: NAS-201502-26

Potential unexpected code execution vulnerability with file sharing using Microsoft networking (Samba)


  • Release date: February 26, 2015

  • CVE: CVE-2014-8143, CVE-2015-0240

  • Affected products: All Turbo NAS series running the file and printing service with Microsoft networking (Samba)

Severity

Critical

Status

Resolved


Summary

Two vulnerabilities have been discovered in Samba. Samba is mainly used for sharing files between Windows and Unix-like systems, and can also act as a primary domain controller. CVE-2015-0240 can be exploited by a malicious client sending specially crafted packets to the Samba server, and could lead to unexpected code execution. CVE-2014-8143 allows remote authenticated users to gain elevated privileges by leveraging delegation of authority for user or computer account creation; it only affects a NAS functioning as an AD Domain Controller. Exploitation of either vulnerability could result in theft of data or compromise of the system.

Workaround:

Please use the following method to mitigate CVE-2015-0240:

  1. Make sure your Turbo NAS has been updated to firmware version 4.1.3. This version is not available for live update, so please update your Turbo NAS manually.
  2. Connect to your Turbo NAS with an SSH client such as PuTTY (or launch shellinabox from the App Center on your QTS desktop). For instructions on how to use PuTTY, see https://docs.google.com/document/d/1ntaKUsmEoA6rK_0xmibeaDrDT7gdHKm_uq5av1piTvw/edit?usp=sharing.
  3. Copy and paste the exact command below, and then press Enter:

    scf=/etc/config/smb.conf; sed -i '/rpc_server:netlogon/d' $scf; sed -i '/\[global\]/a
    rpc_server:netlogon=disabled' $scf; /etc/init.d/smb.sh restart

Please note that this command will restart the Microsoft networking service. It deletes any existing rpc_server:netlogon line from /etc/config/smb.conf, inserts rpc_server:netlogon=disabled directly after the [global] header, and then restarts Samba. The setting switches off Samba's NetLogon RPC server, which is where CVE-2015-0240 lies, so the crafted packets have nothing to reach until the firmware fix is installed.
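The following script is an added example and is not QNAP's own tooling. It performs the same smb.conf edit as the command in step 3 in an idempotent way and, more usefully, verifies that the [global] section really carries rpc_server:netlogon=disabled, so you can confirm the workaround took effect. It rewrites the file with awk rather than sed so that it behaves the same on BusyBox and GNU userlands. The sample smb.conf it creates is constructed for the offline demo; on a Turbo NAS you would point it at /etc/config/smb.conf (the path from the advisory) and restart the service afterwards with /etc/init.d/smb.sh restart, which the script deliberately does not do for you.

```shell
#!/bin/sh
# Added example, not QNAP's script: apply and verify the CVE-2015-0240
# workaround (rpc_server:netlogon=disabled under [global]) in an smb.conf.
# The file is rewritten with awk so the result is identical on BusyBox and
# GNU systems. Restarting Samba (/etc/init.d/smb.sh restart on a Turbo NAS)
# is left to the caller.

# Exit 0 when the [global] section already contains the hardened setting.
# Tolerates whitespace around ':' and '=' and any letter case in the value.
netlogon_disabled() {
    awk '
        /^[ \t]*\[/ { in_global = ($0 ~ /^[ \t]*\[global\][ \t]*$/) }
        in_global && tolower($0) ~ /^[ \t]*rpc_server[ \t]*:[ \t]*netlogon[ \t]*=[ \t]*disabled[ \t]*$/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Remove every existing rpc_server:netlogon line (whatever its value), insert
# "rpc_server:netlogon=disabled" directly after [global], then re-verify.
# Exit 0 on success, 1 if verification fails, 2 if the file has no [global].
apply_netlogon_workaround() {
    conf=$1
    tmp="$conf.tmp.$$"
    awk '
        tolower($0) ~ /^[ \t]*rpc_server[ \t]*:[ \t]*netlogon[ \t]*=/ { next }
        { print }
        /^[ \t]*\[global\][ \t]*$/ { print "rpc_server:netlogon=disabled"; seen = 1 }
        END { exit (seen ? 0 : 2) }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 2; }
    mv "$tmp" "$conf"
    netlogon_disabled "$conf"
}

# Constructed sample smb.conf (not a real NAS file) for the offline demo:
# NetLogon explicitly enabled, plus one share section.
sample_conf() {
    printf '[global]\nworkgroup = WORKGROUP\nrpc_server:netlogon = enabled\n\n[Public]\npath = /share/Public\n' > "$1"
}

# Demo run against a temporary copy instead of /etc/config/smb.conf.
demo=$(mktemp)
sample_conf "$demo"
if netlogon_disabled "$demo"; then
    echo "before: already mitigated"
else
    echo "before: NetLogon RPC server still enabled"
fi
if apply_netlogon_workaround "$demo"; then
    echo "after: mitigated, resulting smb.conf:"
    cat "$demo"
else
    echo "after: workaround could not be applied (status $?)"
fi
rm -f "$demo"
```

On the NAS itself, `netlogon_disabled /etc/config/smb.conf` is a quick check that the vendor command from step 3 took effect; running `apply_netlogon_workaround` twice leaves exactly one rpc_server:netlogon line, which the one-shot sed command does not guarantee if it is pasted more than once with a different value already present.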

Recommendations

QNAP will fix these vulnerabilities with a new QTS release.

Manually updating firmware

  1. Go to the QNAP website (https://www.qnap.com/download) and choose your Turbo NAS model.
  2. Select "Firmware", find the latest firmware in the list and choose to download it from the Global, European or United States server depending on your location.
  3. Log in to your Turbo NAS as admin, go to "Control Panel" > "Firmware Update" and choose the "Firmware Update" tab.

If you have any questions regarding this issue, please contact us at http://helpdesk.qnap.com/

Revision history: 2015-02-26
