Samba Remote Code Execution Vulnerability - CVE-2017-7494

Solution Verified - Updated -

Issue

Samba version 3.5 and above is vulnerable to a remote code execution flaw. A remote malicious client which has write access to a samba share could upload a shared library and cause the samba server to execute it, this could result in code execution as root user.

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Gluster Storage 3.2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.