CVE-2017-7494: samba RCE from a writeable share "SambaCry" - Connect IT Community | Kaseya
<main> <article class="userContent">
<h3 data-id="summary"><strong>SUMMARY</strong></h3>
<p>Samba RCE requires updating samba packages.</p>
<h3 data-id="cve-id"><strong>CVE ID</strong></h3>
<p>CVE-2017-7494</p>
<h3 data-id="description"><strong>DESCRIPTION</strong></h3>
<p>A remote code execution flaw was found in Samba. A malicious authenticated Samba client with write access to a Samba share could use this flaw to execute arbitrary code as root.</p>
<p>All versions of Samba from 3.5.0 onwards are vulnerable to this remote code execution vulnerability, which allows a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.</p>
<p>Unitrends Risk Assessment: None with security updates included in version 10.1 or patch available as of 5/25/17.</p>
<h3 data-id="resolution"><strong>RESOLUTION</strong></h3>
<p>Fixed in samba-3.6.23-43.el6_9 and later.</p>
<p>This patch is included with the latest security updates. To apply the latest security updates, follow the notes provided in <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Funitrends-support.zendesk.com%2Fhc%2Fen-us%2Farticles%2F360013271818%3Fq%3DSELECT%2BId%252CDescription__c%252CResolution__c%252CLink_to_Advisories__c%252CNotes__c%252CSummary%252CCVE_ID__c%252CAttachment__Body__s%252CAttachment__ContentType__s%252CAttachment__Length__s%252CAttachment__Name__s%252CTitle%252CKnowledgeArticleId%2Bfrom%2BAdvisory__kav%2Bwhere%2BPublishStatus%253D%2527Online%2527">Unitrends Response to certain security vulnerabilities (CVEs) - Reference Article</a>.</p>
<p>To confirm you have successfully patched, run the command below and verify you are running samba-3.6.23-43.el6_9 or newer (every listed samba package should carry that version-release or a later one).</p>
<pre class="code codeBlock" spellcheck="false" tabindex="0">[root@unitrends ~]# rpm -qa | grep samba
samba-winbind-3.6.23-43.el6_9.x86_64
samba-common-3.6.23-43.el6_9.x86_64
samba-client-3.6.23-43.el6_9.x86_64
samba-winbind-clients-3.6.23-43.el6_9.x86_64
samba-3.6.23-43.el6_9.x86_64</pre>
<h3 data-id="link-to-advisories"><strong>LINK TO ADVISORIES</strong></h3>
<ul>
<li><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2017-7494">https://access.redhat.com/security/cve/CVE-2017-7494</a></li>
<li><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Frhn.redhat.com%2Ferrata%2FRHSA-2017-1270.html">https://rhn.redhat.com/errata/RHSA-2017-1270.html</a></li>
<li><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=http%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2017-7494">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494</a></li>
<li><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Flists.samba.org%2Farchive%2Fsamba-announce%2F2017%2F000406.html">https://lists.samba.org/archive/samba-announce/2017/000406.html</a></li>
</ul>
</article> </main>