Samba Remote Code Execution Vulnerability - CVE-2017-7494

Solution Verified - Updated -

Issue

Samba version 3.5 and above is vulnerable to a remote code execution flaw. A remote malicious client which has write access to a samba share could upload a shared library and cause the samba server to execute it, this could result in code execution as root user.

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Gluster Storage 3.2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In