是个PAN-OS产品易受CVE-2021-44142?
6863
Created On 02/16/22 21:24 PM - Last Modified 06/07/23 22:23 PM
Question
是个PAN-OS产品易受CVE-2021-44142?
Environment
- PAN-OS 9.1及以上。
- CVE-2021-44142
Answer
工程团队已确认PANOS不易受CVE--2021-44142。
回复:
smb 服务和客户端二进制文件不存在于PAN-OS. samba-common 用于NTLM用户 ID 和强制门户登录的身份验证
如果没有运行 smb 服务,就不可能写入 /etc/samba/smb.conf 中定义的共享。
另一个库包samba-common-libs用于直接调用函数。
Additional Information
- PAN-OS-9-1-开源软件-oss-listing显示Samba3.0.33GPLv2.0
- CVE-2021-44142 :
Issue affecting Samba prior to 4.13.17.
This is a RCE issue which the attacker must need to have a write access to a file's extended attributes. Please review the configuration to verify if the VFS module vfs_fruit exist in the default config ( fruit:metadata=netatalk or fruit:resource=file)
Please remove the "fruit" VFS module from the list.
4.13.17, 4.14.12 and 4.15.5 has been released for the fix. https://www.samba.org/samba/security/CVE-2021-44142.html