Multilogin antidetect browser. Remote code execution vulnerability in Samba due to macOS interop module

Multilogin antidetect browser. Remote code execution vulnerability in Samba due to macOS interop module

What is browser automation

TOR browser automation.

An vulnerability in Samba 4 allowed remote code to run as root due to a bug in its support for Mac clients.

It’s fixed in 4.13.17, 4.14.12 and 4.15.5, and in case you can’t upgrade, there are patches.

The vuln is being tracked as CVE-2021-44142 and received a CVSS rating of 9.9.

Samba is a FOSS implementation of Microsoft’s Server Message Block (SMB) network protocol. SMB is how Windows (and DOS and OS/2) share drives. Microsoft used to call it the “Common Internet File System” instead, or CIFS [PDF] for short, but the name exceeded the company’s ambition – in Unix land, SMB has never really displaced Sun’s Network File System (NFS).

Browser automation extension

But macOS isn’t like the other kids Unixes. It’s specifically designed to play nice in a world where Windows dominates, and unlike Apple’s pre-NeXT MacOS (or “classic” as it was dubbed before OS X 10.5 killed it off), macOS (note the very important missing capital) speaks SMB natively.

  • DMCA-dot-com XSS vuln reported in 2020 still live today and firm has shrugged it off
  • Infosec chap: I found a way to hijack your web accounts, turn on your webcam from Safari – and Apple gave me $100k
  • Linux distros haunted by Polkit-geist for 12+ years: Bug grants root access to any user
  • Sophos: Log4Shell would have been a catastrophe without the Y2K-esque mobilisation of engineers

Early versions of what was then called OS X used Samba to do this, but after Samba switched to GPL3, Apple dropped Samba in OS X 10.7, and switched to its own implementation.

  Multilogin antidetect browser. The zero-password future can't come soon enough

OS X can also understand the old classic MacOS AppleTalk Filing Protocol (AFP). There’s a Linux server for that, too, called Netatalk. Netatalk was the only way for Classic MacOS to store files on a Linux server, and it supports the rich file metadata that Classic MacOS used. Samba has a special module called vfs_fruit which keeps Samba shares compatible with Netatalk metadata. That is the module that has the vulnerability.

If you actively used vfs_fruit and changed the default configuration, you’re safe from the vulnerability. All the same, everyone should upgrade as soon as possible. ®

How to use browser automation studio.

Leave a Reply

Back to top