Samba versions prior to 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to gain access to areas of the server file system not exported under the share definition.
Vulnerable Product |
---|
samba samba |
redhat enterprise linux 7.0 |
redhat enterprise linux 6.0 |
debian debian linux 8.0 |
If SambaCry escaped your notice in June, get busy
HPE NonStop users running Samba need to get busy applying workarounds to a pair of remotely exploitable vulnerabilities. The first, SambaCry, has been present in Samba since 2010 but was named and outed in late May 2017. Assigned CVE-2017-7494, it allowed a malicious Samba client with write access to execute code as root. F5 Networks explained that all the attacker need do is upload a shared library to a writable share, because the server will execute it with the privileges of the Samba daemo...