Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 619632 - CVE-2017-7494: Samba: Remote code execution from a writable share.
Summary: CVE-2017-7494: Samba: Remote code execution from a writable share.
Status: RESOLVED DUPLICATE of bug 619516
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal critical (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-25 02:54 UTC by John R. Graham
Modified: 2017-05-25 03:13 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John R. Graham gentoo-dev 2017-05-25 02:54:25 UTC
See https://www.samba.org/samba/security/CVE-2017-7494.html

==========
Description
===========

All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.

==================
Patch Availability
==================

A patch addressing this defect has been posted to

  http://www.samba.org/samba/security/

Additionally, Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as
security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.

==========
Workaround
==========

Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note this
can disable some expected functionality for Windows clients.

=======
Credits
=======

This problem was found by steelo <knownsteelo@gmail.com>. Volker
Lendecke of SerNet and the Samba Team provided the fix.
Comment 1 John R. Graham gentoo-dev 2017-05-25 03:13:55 UTC

*** This bug has been marked as a duplicate of bug 619516 ***