Samba vulnerability allowing remote code execution patched

by Derek Kortepeter
Sept. 1, 2017 1 comment TechGenix vulnerabilities

In a security announcement, Samba, the open-source file- and print-sharing software service for Linux/Unix, detailed a rather dangerous vulnerability (CVE-2017-7494). Affecting versions 3.5 and beyond, CVE-2017-7494 is a vulnerability that allows for an attacker to perform remote code execution that can lead to hijacking of the device. The specific vulnerability, which is a mind-boggling seven years old, results from how, according to Rapid7’s Josh Feinblum, “Samba interacted with shared libraries… if a malicious actor uploads a shared library to the system using something like a writable share, they can force the server to load and execute the malicious code.”

Steven Ulm 8 months ago

Great analysis from TechGenix! Was really captivated by it!