Project

General

Profile

Bug #7319

samba: Remote code execution from a writable share (CVE-2017-7494)

Added by Alicha CH almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
-
Start date:
05/25/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.

Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as
security releases to correct the defect.

References:

https://www.samba.org/samba/security/CVE-2017-7494.html
https://www.samba.org/samba/history/security.html


Subtasks

Bug #7320: [3.6] samba: Remote code execution from a writable share (CVE-2017-7494)ClosedNatanael Copa

Bug #7321: [3.5] samba: Remote code execution from a writable share (CVE-2017-7494)ClosedNatanael Copa

Bug #7322: [3.4] samba: Remote code execution from a writable share (CVE-2017-7494)ClosedNatanael Copa

Bug #7323: [3.3] samba: Remote code execution from a writable share (CVE-2017-7494)ClosedNatanael Copa

Associated revisions

Revision 3db1fe39 (diff)
Added by Natanael Copa almost 2 years ago

main/samba: security upgrade to 4.6.4 (CVE-2017-7494)

ref #7319

History

#1 Updated by Alicha CH almost 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed

Also available in: Atom PDF