How to create a VirtualBox VM from command line

A much-appreciated feature of VirtualBox is that it can be used in a headless environment, without a GUI.

So, today I want to share the workflow I use for creating virtual machines using only the command line.


Debian 10 “buster”, upgrade from Debian 9: the easy way

Last Saturday the Debian project released the latest version of the “universal operating system”. A clean install using updated CD images is one of the best and simplest solutions; however, the upgrade process is also very simple and fast.


CVE-2017-14746: you need to patch your Samba as soon as possible!

A fresh advisory from SAMBA.org:

All versions of Samba from 4.0.0 onwards are vulnerable to a use after
free vulnerability, where a malicious SMB1 request can be used to
control the contents of heap memory via a deallocated heap pointer. It
is possible this may be used to compromise the SMB server.

The major Linux distributions (Red Hat, Ubuntu, Debian) have already rolled out security patches for this vulnerability, tracked as CVE-2017-14746, which affects all versions of Samba since 4.0.

According to the project’s advisory, an unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code.

Sysadmins should apply the fixes to their servers; otherwise, another possibility is to turn off SMB1:

==========
Workaround
==========

Prevent SMB1 access to the server by setting the parameter:

server min protocol = SMB2

to the [global] section of your smb.conf and restart smbd. This
prevents any SMB1 access to the server. Note this could cause older
clients to be unable to connect to the server.
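
To confirm the workaround is actually in place on a server, the check below parses smb.conf text and reports the `server min protocol` value set in `[global]`. It is an added example, not part of the Samba advisory or the original post; the function names and sample configurations are constructed for illustration. It assumes an unset parameter counts as "not applied" (the compiled-in default depends on the Samba version) and it does not follow `include` directives.

```python
import re

# Dialects at or above SMB2 that smb.conf accepts for this parameter.
SMB2_OR_NEWER = {"SMB2", "SMB2_02", "SMB2_10", "SMB2_22", "SMB2_24",
                 "SMB3", "SMB3_00", "SMB3_02", "SMB3_10", "SMB3_11"}

def server_min_protocol(conf_text):
    """Return the [global] 'server min protocol' value (upper-case) or None."""
    section, value = None, None
    text = re.sub(r"\\\r?\n", "", conf_text)      # join continued lines
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":            # blank line or comment
            continue
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        name, val = line.split("=", 1)
        # smb.conf ignores case and whitespace in parameter names;
        # "min protocol" is a synonym of "server min protocol".
        key = re.sub(r"\s+", "", name).lower()
        if key in ("serverminprotocol", "minprotocol"):
            value = val.strip().upper()            # a later setting overrides
    return value

def smb1_blocked(conf_text):
    """True only when the workaround is explicitly present in [global]."""
    return server_min_protocol(conf_text) in SMB2_OR_NEWER

# Constructed sample configurations (not taken from any real server).
WORKAROUND_APPLIED = """
[global]
   workgroup = EXAMPLE
   Server Min Protocol = smb2
[share]
   path = /srv/share
"""
WORKAROUND_MISSING = """
[global]
   workgroup = EXAMPLE
   ; server min protocol = SMB2
[share]
   min protocol = SMB2
"""

if __name__ == "__main__":
    for label, conf in (("applied", WORKAROUND_APPLIED), ("missing", WORKAROUND_MISSING)):
        print(label, server_min_protocol(conf), smb1_blocked(conf))
```

Samba's own `testparm` tool remains the authoritative view of the effective configuration; this check is useful for auditing configuration files collected from many hosts.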
