samba: Remote code execution from a writable share (CVE-2017-7494)
All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.
Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as
security releases to correct the defect.
References:
https://www.samba.org/samba/security/CVE-2017-7494.html
https://www.samba.org/samba/history/security.html
(from redmine: issue id 7319, created on 2017-05-25, closed on 2017-05-25)
- Relations:
- child #7320 (closed)
- child #7321 (closed)
- child #7322 (closed)
- child #7323 (closed)
- Changesets:
- Revision 3db1fe39 by Natanael Copa on 2017-05-25T09:38:19Z:
main/samba: security upgrade to 4.6.4 (CVE-2017-7494)
ref #7319