Security

EMC admin? Plug this hole before the holidays

Because we haven't set fired SMBv1 into the Sun

By Richard Chirgwin

1 SHARE

Dell EMC has patched an SMBv1 bug in its Data Domain Deduplication and Data Protection software.

It's probably worth your time running the patch in, if you can, because as the advisory explained, it's a memory overflow that could open a system to remote code execution (RCE).

CVE-2017-14385 affects quite a few versions of the system: the Data Domain DD OS 5.7 family prior to 5.7.5.6; 6.0 versions prior to 6.0.2.9; 6.1 versions prior to 6.1.0.21; all versions of Data Domain Virtual Edition in 2.0, 3.0 prior to 3.0 SP2 Update 1, and 3.1 prior to 3.1 Update 2.

In its notice, Cisco expanded on the bug's impact: “An attacker could exploit this vulnerability by sending crafted SMBv1 packets to a targeted system. A successful exploit could trigger a memory overflow condition that the attacker could leverage to execute arbitrary code on the system. In addition, the attacker could also leverage this vulnerability to shut down the SMB service and Active Directory authentication, resulting in a DoS condition.”

If you can't patch immediately, external traffic to the system can be blocked at the firewall. Patches are available to registered users here. ®

Sign up to our NewsletterGet IT in your inbox daily

1 Comment

More from The Register

Dell forgot to renew PC data recovery domain, so a squatter bought it

Days later it served malware, but the only visible damage was to Dell's reputation

Facebook users pwnd by phone with account recovery vulnerability

Another lonely day, with no one but FB, oh... I'll send an SMS to the world

Dell soups up low-end Data Domain deduper

Refreshes SMB-sized deduping backup-to-disk box

PC recycler gets 15 months in the clink for whipping up 28,000 bootleg Windows 7, XP recovery discs

E-waste activist's appeal fails as Redmond scores a win

Veeam buys AWS EC2 instance backup and recovery biz

Swallows N2WS so it can stick oar deeper in Amazon cloud

Dell EMC, Veeam eagerly clamber onto Microsoft's Azure Stack: I love it more. No, I love it more

Azure Stack and Hyper-V support ignition for MS

Datto launches backup and disaster recovery technology to combat ransomware

Disaster-proofers merge: Axcient enclosed by eFolder

DRaaS-tic times call for DRaaS-tic measures

Nouvelle niche: Datos IO adds distributed app fragment recovery

+Comment Who are the RecoverX rivals again? Nice gig

Disaster-recoverer Zerto wades into Microsoft clouds

Adds Azure to its replication bridge target list