TOR browser automation.
An vulnerability in Samba 4 allowed remote code to run as root due to a bug in its support for Mac clients.
It’s fixed in 4.13.17, 4.14.12 and 4.15.5, and in case you can’t upgrade, there are patches.
The vuln is being tracked as CVE-2021-44142 and received a CVSS rating of 9.9.
Samba is a FOSS implementation of Microsoft’s Server Message Block (SMB) network protocol. SMB is how Windows (and DOS and OS/2) share drives. Microsoft used to call it the “Common Internet File System” instead, or CIFS [PDF] for short, but the name exceeded the company’s ambition – in Unix land, SMB has never really displaced Sun’s Network File System (NFS).
But macOS isn’t like the other kids Unixes. It’s specifically designed to play nice in a world where Windows dominates, and unlike Apple’s pre-NeXT MacOS (or “classic” as it was dubbed before OS X 10.5 killed it off), macOS (note the very important missing capital) speaks SMB natively.
- DMCA-dot-com XSS vuln reported in 2020 still live today and firm has shrugged it off
- Infosec chap: I found a way to hijack your web accounts, turn on your webcam from Safari – and Apple gave me $100k
- Linux distros haunted by Polkit-geist for 12+ years: Bug grants root access to any user
- Sophos: Log4Shell would have been a catastrophe without the Y2K-esque mobilisation of engineers
Early versions of what was then called OS X used Samba to do this, but after Samba switched to GPL3, Apple dropped Samba in OS X 10.7, and switched to its own implementation.
OS X can also understand the old classic MacOS AppleTalk Filing Protocol (AFP). There’s a Linux server for that, too, called Netatalk. Netatalk was the only way for Classic MacOS to store files on a Linux server, and it supports the rich file metadata that Classic MacOS used. Samba has a special module called vfs_fruit which keeps Samba shares compatible with Netatalk metadata. That is the module that has the vulnerability.
If you actively used vfs_fruit and changed the default configuration, you’re safe from the vulnerability. All the same, everyone should upgrade as soon as possible. ®
How to use browser automation studio.