[FREEBSD:6F4D96C0-4062-11E7-B291-B499BAEBFEAF] samba -- remote code execution vulnerability
Severity
Critical
Affected Packages
5
CVEs
1
The samba project reports:
Remote code execution from a writable share.
All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload
a shared library to a writable share, and then cause the server to
load and execute it.
Package | Affected Version |
---|---|
pkg:freebsd/samba46 | < 4.6.4 |
pkg:freebsd/samba45 | < 4.5.10 |
pkg:freebsd/samba44 | < 4.4.14 |
pkg:freebsd/samba43 | < 4.3.14 |
pkg:freebsd/samba42 | < 4.2.15 |
- ID
- FREEBSD:6F4D96C0-4062-11E7-B291-B499BAEBFEAF
- Severity
- critical
- Severity from
- CVE-2017-7494
- URL
- http://vuxml.freebsd.org/freebsd/6f4d96c0-4062-11e7-b291-b499baebfeaf.html
- Published
-
2017-05-24T00:00:00
(7 years ago) - Modified
-
2017-05-24T00:00:00
(7 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2017-834
- ALPINE:CVE-2017-7494
- ASA-201705-22
- CISA-2023:0330
- CISCO-SA-20170530-SAMBA
- DSA-3860-1
- ELSA-2017-1270
- ELSA-2017-1271
- ELSA-2017-1272
- FEDORA-2017-570c0071c4
- FEDORA-2017-642a0eca75
- FEDORA-2017-c729c6123c
- GLSA-201805-07
- RHSA-2017:1270
- RHSA-2017:1271
- SSA:2017-144-01
- SUSE-SU-2017:1391-1
- SUSE-SU-2017:1392-1
- SUSE-SU-2017:1393-1
- SUSE-SU-2017:1396-1
- USN-3296-1
- USN-3296-2
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://www.samba.org/samba/security/CVE-2017-7494.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/samba46 | samba46 | < 4.6.4 | ||||
Affected | pkg:freebsd/samba45 | samba45 | < 4.5.10 | ||||
Affected | pkg:freebsd/samba44 | samba44 | < 4.4.14 | ||||
Affected | pkg:freebsd/samba43 | samba43 | < 4.3.14 | ||||
Affected | pkg:freebsd/samba42 | samba42 | < 4.2.15 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |