[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-7494

Date: (C)2017-06-01   (M)2017-11-18 


Samba since version 3.5.0 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1038552
EXPLOIT-DB-42060
EXPLOIT-DB-42084
BID-98636
DSA-3860
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us
https://security.netapp.com/advisory/ntap-20170524-0001/
https://www.samba.org/samba/security/CVE-2017-7494.html

CPE    117
cpe:/a:samba:samba:4.1.13
cpe:/a:samba:samba:4.1.12
cpe:/a:samba:samba:4.1.11
cpe:/a:samba:samba:4.1.10
...
CWE    1
CWE-94
OVAL    15
oval:org.secpod.oval:def:40649
oval:org.secpod.oval:def:112420
oval:org.secpod.oval:def:112412
oval:org.secpod.oval:def:1600702
...

© 2013 SecPod Technologies