11 April,19 at 11:50 AM
Product:
Centrify Server Suite (now part of Infrastructure Services), Centrify DirectControl, DirectControl Plugins
Component:
Centrify ADBindProxy, Centrify DirectControl, DirectControl Plugins
Summary:
Question:
What is the impact of SMBLoris (ETR-2017-V005) on Centrify ADBindProxy and Samba?
Answer:
The SMBLoris (ETR-2017-V005) flaw is a denial-of-service (DoS) attack that allows an attacker to open a connection to a remote computer via the SMB protocol and instruct that computer to allocate RAM to handle the connection. The attacker does not have to be authenticated.
The vulnerability does not allow remote code execution, which means an attacker cannot take over vulnerable computers; at most, the attacker can crash them.
Since Centrify no longer distributes Samba, Centrify will not be providing a fix for this issue.
However, there are mitigation mechanisms available. For more information, please see KB-9060 or contact Centrify Support.
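As a detection aid for the behaviour described in the answer above, the following is an added example and not Centrify or Samba code. It assumes the memory exhaustion shows up as an unusually large number of simultaneous SMB connections from a single peer; the input is constructed sample text in the column layout of `ss -tn`, and the threshold of 100 is an arbitrary assumption to tune per server.

```python
from collections import Counter

SMB_PORTS = {"445", "139"}  # SMB over TCP and NetBIOS session service


def build_sample():
    """Constructed sample in `ss -tn` layout: State Recv-Q Send-Q Local Peer."""
    lines = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port"]
    # One peer holding 300 SMB connections (documentation-range addresses).
    lines += [f"ESTAB 0 0 192.0.2.10:445 198.51.100.23:{40000 + i}"
              for i in range(300)]
    # Ordinary clients, one SSH session, and one IPv6 SMB client.
    lines += [
        "ESTAB 0 0 192.0.2.10:445 192.0.2.51:50112",
        "ESTAB 0 0 192.0.2.10:445 192.0.2.52:50344",
        "ESTAB 0 0 192.0.2.10:22 192.0.2.51:50990",
        "ESTAB 0 0 [2001:db8::10]:445 [2001:db8::51]:41000",
    ]
    return lines


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port


def smb_peers(lines):
    """Count established connections to local SMB ports, keyed by peer address."""
    counts = Counter()
    for line in lines:
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue  # header, blank line, or non-established state
        _, local_port = split_endpoint(fields[3])
        if local_port in SMB_PORTS:
            peer_host, _ = split_endpoint(fields[4])
            counts[peer_host] += 1
    return counts


def flag_sources(lines, threshold=100):
    """Return (peer, count) pairs at or above the threshold, sorted by peer."""
    return sorted((ip, n) for ip, n in smb_peers(lines).items() if n >= threshold)


if __name__ == "__main__":
    for ip, n in flag_sources(build_sample()):
        print(f"{ip} holds {n} SMB connections")
```

On a live host the same functions can be fed the lines of real `ss -tn` output instead of the constructed sample.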