[arch-security] [ASA-201705-22] samba: arbitrary code execution
rgacogne at archlinux.org
Tue May 30 18:03:44 UTC 2017
Arch Linux Security Advisory ASA-201705-22
Date : 2017-05-30
CVE-ID : CVE-2017-7494
Package : samba
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-279
The package samba before version 4.5.10-1 is vulnerable to arbitrary
Upgrade to 4.5.10-1.
# pacman -Syu "samba>=4.5.10-1"
The problem has been fixed upstream in version 4.5.10.
Add the parameter:
nt pipe support = no
to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note that
this can disable some expected functionality for Windows clients.
All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.
A malicious authenticated client can execute arbitrary code on the
affected host by uploading a shared library to a writable share.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the arch-security