Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2017-7494: Samba - Security Announcement Archive

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVE
#vulnerability#windows#rce#samba

CVE-2017-7494.html:

==================================================================== == Subject: Remote code execution from a writable share. == == CVE ID#: CVE-2017-7494 == == Versions: All versions of Samba from 3.5.0 onwards. == == Summary: Malicious clients can upload and cause the smbd server == to execute a shared library from a writable share. == ====================================================================

=========== Description ===========

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

================== Patch Availability ==================

A patch addressing this defect has been posted to

http://www.samba.org/samba/security/

Additionally, Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.

========== Workaround ==========

Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

======= Credits =======

This problem was found by steelo [email protected]. Volker Lendecke of SerNet and the Samba Team provided the fix.

Related news

CVE-2023-47579: Vulnerability Report

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system.

Ransomware's Favorite Target: Critical Infrastructure and Its Industrial Control Systems

The health, manufacturing, and energy sectors are the most vulnerable to ransomware.

CVE-2022-26482: Security Center

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907