NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Any plans for Samba fix for CVE-2017-7494 ?
I posted elsewhere about this, but CVE-2017-7494 NEEDs to be patched on any device still in operation, and I think that includes the older, technically out of support models that I have 6 of. Wit...
Legacy Sparc, x86 and ARM firmware is now available:
RAIDiator-4.1.16 (Sparc)
Hi PHolder,
A firmware upgrade with this patched is already released, 6.7.3:
https://kb.netgear.com/000038777/ReadyNAS-OS-6-Software-Version-6-7-3
I just upgraded to 6.7.3, but appearantly smbd is still v 4.4.9:
Welcome to ReadyNASOS 6.7.3
Last login: Fri May 26 12:58:49 2017 from xxxxx
root@xxxxxx:~# smbd --version
Version 4.4.9
root@xxxxxx:~#Am I missing something??
Since this was a point release, the netgear team likely backported the fix instead of upgrading samba to the latest and greatest, to avoid breaking things.
ctechs wrote:
Since this was a point release, the netgear team likely backported the fix instead of upgrading samba to the latest and greatest, to avoid breaking things.
Exactly. In time we'll move to a newer version of samba on OS6, but for now we backported the fix.
If you look at packages.log (or do a dpkg -l) you'll see that the netgearx at the end of the version of the samba package is incremented by one (where x is a number) compared with the logs you downloaded before updating to 6.7.3. That indicates that we've added some more patches to the samba 4.4.9 code.
We've built firmware with the patch for CVE-2017-7494 for legacy models as well. Once they have undergone QA testing, I believe we plan to release those updates as well:
RAIDiator-4.1.16
RAIDiator-arm-5.3.13
RAIDiator-x86-4.2.31
As for SMB2 and SMB3, we're not updating to a newer samba series on the legacy models at this time so SMB2 support would remain experimental and remain disabled. The new firmware has the same samba version except with the patch so the netgearx at the end (where x is a number) would be incremented by one to reflect the change.
mdgm wrote:As for SMB2 and SMB3, we're not updating to a newer samba series on the legacy models at this time so SMB2 support would remain experimental and remain disabled. The new firmware has the same samba version except with the patch so the netgearx at the end (where x is a number) would be incremented by one to reflect the change.
I'm going to keep beating this dead horse until it upgrades to SMB2:
SMB1 was pretty much already marked as deprecated when ReadyNAS was shipping the NV series as new devices... and in a couple of months people who have one still working will find new installs of Windows won't be able to even access it... It seems like the better customer service story would be a recompile and test cycle that adds the necessary SMB 2 (or even SMB 3) support since we already know it works well in Netgear's other products.
We've built firmware with the patch for CVE-2017-7494 for legacy models as well. Once they have undergone QA testing, I believe we plan to release those updates as well
Do you have an ETA?
As for SMB2 and SMB3, we're not updating to a newer samba series on the legacy models at this time so SMB2 support would remain experimental and remain disabled. The new firmware has the same samba version except with the patch so the netgearx at the end (where x is a number) would be incremented by one to reflect the change.
Does it mean that on my Readynas NV+v2 there is a buried disabled SMB2 I can enable by myself in some way via Putty? Can you point me to some helpful resource to do it? Side effects? Thank you
Does this effectively render the NV+ / Duo obsolete if CIFS ( SMB) is required?
NFS & AFP are both not an option for me.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
