Samba CVE-2017-7494

just for info…


First tests:

  1. trying to access shared folders from Win 10 Pro, not joined into domain:
  • without modified smb.conf -> can access the server
  • with modified smb.conf -> can’t access the server

From here:


Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing any named pipe endpoints. Note this can disable some expected functionality for Windows clients."

I will try also from Win 10 Pro, joined into domain.


UPDATE: Same situation with domain member (Win 10 Pro).

1 Like

i’ve forgot to write “if someone has some time it would be nice to test the mitigation workaround” with a windows client.I thought I would add it after lunch… Clearly you’ve been faster than my lunch :grin:
thank you for your test @GG_jr
btw it seems there are already new packages from rh, so i think We will not have to wait too much for the fix


From the DC side, I’ve just installed the testing version on my production server! Ready for testing:

yum --enablerepo=nethserver-testing update nethserver-dc

The DC upgrade to 4.6.4 is manual and must be started from “Accounts provider” page.


1 Like