A Samba remote code execution vulnerability
A Samba remote code execution vulnerability
[Security] Posted May 24, 2017 16:18 UTC (Wed) by corbet
The Samba Team has issued an
advisory regarding CVE-2017-7494: "All versions of Samba from
3.5.0 onwards are vulnerable to a remote code execution vulnerability,
allowing a malicious client to upload a shared library to a writable share,
and then cause the server to load and execute it.
" Distributors are
already shipping the fix; there's also a workaround in the advisory for
those who cannot update immediately.