{"id":25300,"date":"2022-02-09T23:07:53","date_gmt":"2022-02-09T15:07:53","guid":{"rendered":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/?p=25300"},"modified":"2024-11-19T11:22:02","modified_gmt":"2024-11-19T03:22:02","slug":"25300","status":"publish","type":"post","link":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/archives\/25300","title":{"rendered":"\u3010\u6f0f\u6d1e\u9810\u8b66\u3011\u7279\u5b9a\u7248\u672cSamba\u8edf\u9ad4\u5b58\u5728\u9ad8\u98a8\u96aa\u5b89\u5168\u6f0f\u6d1e(CVE-2021-44142)\uff0c\u5141\u8a31\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u8acb\u5118\u901f\u78ba\u8a8d\u4e26\u9032\u884c\u66f4\u65b0"},"content":{"rendered":"<h3 style=\"text-align: center;\">\u884c\u653f\u9662\u570b\u5bb6\u8cc7\u901a\u5b89\u5168\u6703\u5831\u6280\u8853\u670d\u52d9\u4e2d\u5fc3<\/h3>\n<h3 style=\"text-align: center;\">\u6f0f\u6d1e\/\u8cc7\u5b89\u8a0a\u606f\u8b66\u8a0a<\/h3>\n<table border=\"1\" cellspacing=\"0\" align=\"center\">\n<tbody>\n<tr>\n<td width=\"80\">\u767c\u5e03\u7de8\u865f<\/td>\n<td>NCCST-ANA-2022-0000041<\/td>\n<td>\u767c\u5e03\u6642\u9593<\/td>\n<td>Thu Feb 03 15:16:41 CST 2022<\/td>\n<\/tr>\n<tr>\n<td width=\"80\">\u4e8b\u4ef6\u985e\u578b<\/td>\n<td>\u6f0f\u6d1e\u9810\u8b66<\/td>\n<td>\u767c\u73fe\u6642\u9593<\/td>\n<td>Thu Feb 03 00:00:00 CST 2022<\/td>\n<\/tr>\n<tr>\n<td>\u8b66\u8a0a\u540d\u7a31<\/td>\n<td colspan=\"3\">\u7279\u5b9a\u7248\u672cSamba\u8edf\u9ad4\u5b58\u5728\u9ad8\u98a8\u96aa\u5b89\u5168\u6f0f\u6d1e(CVE-2021-<wbr \/>44142)\uff0c\u5141\u8a31\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c<wbr \/>\u8acb\u5118\u901f\u78ba\u8a8d\u4e26\u9032\u884c\u66f4\u65b0<\/td>\n<\/tr>\n<tr>\n<td>\u5167\u5bb9\u8aaa\u660e<\/td>\n<td colspan=\"3\">Samba\u662f\u8b93Unix\/Linux\u4f5c\u696d\u7cfb\u7d71\u8207\u5fae\u8edfWindow<wbr \/>s\u4f5c\u696d\u7cfb\u7d71\u4e4b\u9593\uff0c\u900f\u904eSMB(Server Message Block)\u5354\u5b9a\u9032\u884c\u9023\u7d50\u4e4b\u8edf\u9ad4\u3002<\/p>\n<p>\u7814\u7a76\u4eba\u54e1\u767c\u73feSamba\u5728\u9810\u8a2d\u7d44\u614b(fruit:<wbr \/>metadata=netatalk\u6216fruit:<wbr \/>resource=file)\u6642\uff0c\u865b\u64ec\u6a94\u6848\u7cfb\u7d71(Virtual File System\uff0cVFS)\u4e2d\u4e4bvfs_fruit\u6a21\u7d44\u5728smbd\u958b<wbr \/>\u555f\u6a94\u6848\u8207\u89e3\u6790EA metadata\u904e\u7a0b\u4e2d\uff0c\u5b58\u5728\u8d8a\u754c\u8a18\u61b6\u9ad4\u5806\u7a4d\u8b80\u5beb(out-<wbr \/>of-bounds heap read\/write)\u6f0f\u6d1e(CVE-2021-44142)\uff0c<wbr \/>\u5c0e\u81f4\u653b\u64ca\u8005\u53ef\u4ee5root\u6b0a\u9650\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002<\/td>\n<\/tr>\n<tr>\n<td>\u5f71\u97ff\u5e73\u53f0<\/td>\n<td colspan=\"3\">Samba 4.13.17(\u4e0d\u542b)\u4ee5\u524d\u7248\u672c<\/td>\n<\/tr>\n<tr>\n<td>\u5f71\u97ff\u7b49\u7d1a<\/td>\n<td colspan=\"3\">\u9ad8<\/td>\n<\/tr>\n<tr>\n<td>\u5efa\u8b70\u63aa\u65bd<\/td>\n<td colspan=\"3\">Samba\u7dad\u8b77\u55ae\u4f4d\u4e4b\u5b98\u65b9\u7db2\u9801\u5df2\u91dd\u5c0d\u6b64\u6f0f\u6d1e\u91cb\u51fa\u66f4\u65b0\u7a0b\u5f0f\uff0c<wbr \/>\u8acb\u5404\u6a5f\u95dc\u806f\u7d61\u8a2d\u5099\u7dad\u8b77\u5ee0\u5546\u9032\u884c\u7248\u672c\u78ba\u8a8d\u4e26\u66f4\u65b0\u81f34.13.17\u4ee5<wbr \/>\u4e0a\u7248\u672c\uff1a<\/p>\n<p><a href=\"https:\/\/www.samba.org\/samba\/security\/\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.samba.org\/samba\/security\/&amp;source=gmail&amp;ust=1644504950271000&amp;usg=AOvVaw0_IY3_lLDNkpq3OYL7hBQ8\">https:\/\/www.samba.org\/samba\/<wbr \/>security\/<\/a><\/p>\n<p>\u82e5\u73fe\u968e\u6bb5\u7121\u6cd5\u7acb\u5373\u66f4\u65b0Samba\u8edf\u9ad4\u4e4b\u7248\u672c\uff0c\u5247\u53ef\u958b\u555fSamba<wbr \/>\u7d44\u614b\u6a94(smb.conf)\uff0c\u5f9eVFS\u7269\u4ef6\u7d44\u614b\u6e05\u55ae\u4e2d\u79fb\u9664\u300cfr<wbr \/>uit\u300dVFS\u6a21\u7d44\uff0c\u4ee5\u6e1b\u7de9\u6f0f\u6d1e\u6240\u9020\u6210\u4e4b\u5f71\u97ff\u3002<\/td>\n<\/tr>\n<tr>\n<td>\u53c3\u8003\u8cc7\u6599<\/td>\n<td colspan=\"3\">\n<ol>\n<li><a href=\"https:\/\/www.samba.org\/samba\/security\/CVE-2021-44142.html\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.samba.org\/samba\/security\/CVE-2021-44142.html&amp;source=gmail&amp;ust=1644504950271000&amp;usg=AOvVaw2zaRbaDswi9sZqjhZ2vKzA\">https:\/\/www.samba.org\/samba\/<wbr \/>security\/CVE-2021-44142.html<\/a><\/li>\n<li><a href=\"https:\/\/www.samba.org\/samba\/history\/security.html\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.samba.org\/samba\/history\/security.html&amp;source=gmail&amp;ust=1644504950271000&amp;usg=AOvVaw2msbCdQu0pnMugaifnckhH\">https:\/\/www.samba.org\/samba\/<wbr \/>history\/security.html<\/a><\/li>\n<li>https:\/\/thehackernews.com\/<wbr \/>2022\/01\/new-samba-bug-allows-<wbr \/>remote-attackers.html?m=1<\/li>\n<li><a href=\"https:\/\/www.ithome.com.tw\/news\/149175\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.ithome.com.tw\/news\/149175&amp;source=gmail&amp;ust=1644504950272000&amp;usg=AOvVaw3un0lec-OnCjW8TKlo3Yd5\">https:\/\/www.ithome.com.tw\/<wbr \/>news\/149175<\/a><\/li>\n<\/ol>\n<\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\"><\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\">\u6b64\u985e\u901a\u544a\u767c\u9001\u5c0d\u8c61\u70ba\u901a\u5831\u61c9\u8b8a\u7db2\u7ad9\u767b\u8a18\u4e4b\u8cc7\u5b89\u4eba\u54e1\u3002\u82e5\u8cb4\u00a0\u55ae\u4f4d\u4e4b\u8cc7<wbr \/>\u5b89\u4eba\u54e1\u6709\u8b8a\u66f4\uff0c\u53ef\u9015\u81ea\u767b\u5165\u901a\u5831\u61c9\u8b8a\u7db2\u7ad9\uff08<a href=\"https:\/\/www.ncert.nat.gov.tw\/\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.ncert.nat.gov.tw\/&amp;source=gmail&amp;ust=1644504950272000&amp;usg=AOvVaw30I2HSD5gypC51KRrDIlHC\">https:\/\/<wbr \/>www.ncert.nat.gov.tw<\/a>\uff09\u9032\u884c\u4fee\u6539\u3002<wbr \/>\u82e5\u60a8\u4ecd\u70ba\u8cb4\u55ae\u4f4d\u4e4b\u8cc7\u5b89\u4eba\u54e1\u4f46\u975e\u672c\u4e8b\u4ef6\u4e4b\u8655\u7406\u4eba\u54e1\uff0c<wbr \/>\u8acb\u5354\u52a9\u5c07\u6b64\u901a\u544a\u544a\u77e5\u76f8\u95dc\u8655\u7406\u4eba\u54e1\u3002<\/p>\n<p>\u5982\u679c\u60a8\u5c0d\u6b64\u901a\u544a\u5167\u5bb9\u6709\u7591\u554f\u6216\u6709\u95dc\u65bc\u6b64\u4e8b\u4ef6\u4e4b\u5efa\u8b70\uff0c<wbr \/>\u8acb\u52ff\u76f4\u63a5\u56de\u8986\u6b64\u4fe1\u4ef6\uff0c\u8acb\u4ee5\u4e0b\u8ff0\u806f\u7d61\u8cc7\u8a0a\u8207\u6211\u5011\u9023\u7d61\u3002<br \/>\n\u5730\u00a0\u5740\uff1a\u00a0\u53f0\u5317\u5e02\u5bcc\u967d\u8857116\u865f<br \/>\n\u806f\u7d61\u96fb\u8a71\uff1a\u00a002-27339922<br \/>\n\u50b3\u771f\u96fb\u8a71\uff1a\u00a002-27331655<br \/>\n\u96fb\u5b50\u90f5\u4ef6\u4fe1\u7bb1\uff1a\u00a0<a href=\"mailto:service@nccst.nat.gov.tw\" target=\"_blank\" rel=\"noopener\">service@nccst.nat.gov.<wbr \/>tw<\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>\u884c\u653f\u9662\u570b\u5bb6\u8cc7\u901a\u5b89\u5168\u6703\u5831\u6280\u8853\u670d\u52d9\u4e2d\u5fc3 \u6f0f\u6d1e\/\u8cc7\u5b89\u8a0a\u606f\u8b66\u8a0a \u767c\u5e03\u7de8\u865f NCCST-ANA-2022-0000041 \u767c\u5e03\u6642\u9593 Thu Feb 03 15:16:41 CST 2022 \u4e8b\u4ef6\u985e\u578b \u6f0f\u6d1e\u9810\u8b66 \u767c\u73fe\u6642\u9593 Thu Feb 03 00:00:00 CST 2022 \u8b66\u8a0a\u540d\u7a31 \u7279\u5b9a\u7248\u672cSamba\u8edf\u9ad4\u5b58\u5728\u9ad8\u98a8\u96aa\u5b89\u5168\u6f0f\u6d1e(CVE-2021-44142)\uff0c\u5141\u8a31\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u8acb\u5118\u901f\u78ba\u8a8d\u4e26\u9032\u884c\u66f4\u65b0 \u5167\u5bb9\u8aaa\u660e Samba\u662f\u8b93Unix\/Linux\u4f5c\u696d\u7cfb\u7d71\u8207\u5fae\u8edfWindows\u4f5c\u696d\u7cfb\u7d71\u4e4b\u9593\uff0c\u900f\u904eSMB(Server Message Block)\u5354\u5b9a\u9032\u884c\u9023\u7d50\u4e4b\u8edf\u9ad4\u3002<\/p>\n<p>\u7814\u7a76\u4eba\u54e1\u767c\u73feSamba\u5728\u9810\u8a2d\u7d44\u614b(fruit:metadata=netatalk\u6216fruit:resource=file)\u6642\uff0c\u865b\u64ec\u6a94\u6848\u7cfb\u7d71(Virtual File System\uff0cVFS)\u4e2d\u4e4bvfs_fruit\u6a21\u7d44\u5728smbd\u958b\u555f\u6a94\u6848\u8207\u89e3\u6790EA metadata\u904e\u7a0b\u4e2d\uff0c\u5b58\u5728\u8d8a\u754c\u8a18\u61b6\u9ad4\u5806\u7a4d\u8b80\u5beb(out-of-bounds heap read\/write)\u6f0f\u6d1e(CVE-2021-44142)\uff0c\u5c0e\u81f4\u653b\u64ca\u8005\u53ef\u4ee5root\u6b0a\u9650\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002 \u5f71\u97ff\u5e73\u53f0 Samba 4.13.17(\u4e0d\u542b)\u4ee5\u524d\u7248\u672c \u5f71\u97ff\u7b49\u7d1a \u9ad8 \u5efa\u8b70\u63aa\u65bd Samba\u7dad\u8b77\u55ae\u4f4d\u4e4b\u5b98\u65b9\u7db2\u9801\u5df2\u91dd\u5c0d\u6b64\u6f0f\u6d1e\u91cb\u51fa\u66f4\u65b0\u7a0b\u5f0f\uff0c\u8acb\u5404\u6a5f\u95dc\u806f\u7d61\u8a2d\u5099\u7dad\u8b77\u5ee0\u5546\u9032\u884c\u7248\u672c\u78ba\u8a8d\u4e26\u66f4\u65b0\u81f34.13.17\u4ee5\u4e0a\u7248\u672c\uff1a<\/p>\n<p>https:\/\/www.samba.org\/samba\/security\/<\/p>\n<p>\u82e5\u73fe\u968e\u6bb5\u7121\u6cd5\u7acb\u5373\u66f4\u65b0Samba\u8edf\u9ad4\u4e4b\u7248\u672c\uff0c\u5247\u53ef\u958b\u555fSamba\u7d44\u614b\u6a94(smb.conf)\uff0c\u5f9eVFS\u7269\u4ef6\u7d44\u614b\u6e05\u55ae\u4e2d\u79fb\u9664\u300cfruit\u300dVFS\u6a21\u7d44\uff0c\u4ee5\u6e1b\u7de9\u6f0f\u6d1e\u6240\u9020\u6210\u4e4b\u5f71\u97ff\u3002 \u53c3\u8003\u8cc7\u6599 https:\/\/www.samba.org\/samba\/security\/CVE-2021-44142.html https:\/\/www.samba.org\/samba\/history\/security.html https:\/\/thehackernews.com\/2022\/01\/new-samba-bug-allows-remote-attackers.html?m=1 https:\/\/www.ithome.com.tw\/news\/149175 \u6b64\u985e\u901a\u544a\u767c\u9001\u5c0d\u8c61\u70ba\u901a\u5831\u61c9\u8b8a\u7db2\u7ad9\u767b\u8a18\u4e4b\u8cc7\u5b89\u4eba\u54e1\u3002\u82e5\u8cb4 \u55ae\u4f4d\u4e4b\u8cc7\u5b89\u4eba\u54e1\u6709\u8b8a\u66f4\uff0c\u53ef\u9015\u81ea\u767b\u5165\u901a\u5831\u61c9\u8b8a\u7db2\u7ad9\uff08https:\/\/www.ncert.nat.gov.tw\uff09\u9032\u884c\u4fee\u6539\u3002\u82e5\u60a8\u4ecd\u70ba\u8cb4\u55ae\u4f4d\u4e4b\u8cc7\u5b89\u4eba\u54e1\u4f46\u975e\u672c\u4e8b\u4ef6\u4e4b\u8655\u7406\u4eba\u54e1\uff0c\u8acb\u5354\u52a9\u5c07\u6b64\u901a\u544a\u544a\u77e5\u76f8\u95dc\u8655\u7406\u4eba\u54e1\u3002<\/p>\n<p>\u5982\u679c\u60a8\u5c0d\u6b64\u901a\u544a\u5167\u5bb9\u6709\u7591\u554f\u6216\u6709\u95dc\u65bc\u6b64\u4e8b\u4ef6\u4e4b\u5efa\u8b70\uff0c\u8acb\u52ff\u76f4\u63a5\u56de\u8986\u6b64\u4fe1\u4ef6\uff0c\u8acb\u4ee5\u4e0b\u8ff0\u806f\u7d61\u8cc7\u8a0a\u8207\u6211\u5011\u9023\u7d61\u3002 \u5730 \u5740\uff1a \u53f0\u5317\u5e02\u5bcc\u967d\u8857116\u865f \u806f\u7d61\u96fb\u8a71\uff1a 02-27339922 \u50b3\u771f\u96fb\u8a71\uff1a [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"_links":{"self":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/25300"}],"collection":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/comments?post=25300"}],"version-history":[{"count":0,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/25300\/revisions"}],"wp:attachment":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/media?parent=25300"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/categories?post=25300"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/tags?post=25300"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}