The Samba Team has released security updates that address a vulnerability in all versions of Samba from 3.5.0 onward. A remote attacker could exploit this vulnerability to take control of an affected system.

US-CERT encourages users and administrators to review Samba’s Security Announcement and apply the necessary updates, or refer to their Linux or Unix-based OS vendors for appropriate patches.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

www.samba.org/samba/security/CVE-2017-7494.html

checkpoint_advisories 1

nessus 30

thn 4

myhack58 4

ibm 6

openvas 21

debian 3

fedora 3

archlinux 1

ubuntucve 1

suse 5

saint 3

zdt 2

veracode 1

altlinux 5

threatpost 3

oraclelinux 3

rapid7community 3

avleonov 1

prion 1

redhat 5

cisco 1

canvas 1

centos 2

cisa_kev 1

ubuntu 2

packetstorm 3

samba 1

exploitpack 1

securelist 1

osv 3

redhatcve 1

attackerkb 1

debiancve 1

ics 1

slackware 1

metasploit 1

seebug 1

talosblog 1

huawei 2

alpinelinux 1

freebsd 1

qualysblog 1

f5 1

cve 1

exploitdb 2

nmap 60

checkpoint_advisories

Linux EternalRed Samba Remote Code Execution (CVE-2017-7494)

2017-05-25 00:00:00

nessus

Ubuntu 12.04 LTS : samba vulnerability (USN-3296-2) (SambaCry)

2017-05-25 00:00:00

Scientific Linux Security Update : samba on SL6.x, SL7.x i386/x86_64 (20170524) (SambaCry)

2017-05-25 00:00:00

Fedora 26 : 2:samba (2017-c729c6123c) (SambaCry)

2017-07-17 00:00:00

thn

CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware

2017-07-27 00:40:00

Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems

2017-06-10 01:16:00

7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

2017-05-24 20:23:00

myhack58

SambaCry exploit analysis-exploit warning-the black bar safety net

2017-06-13 00:00:00

Vulnerability warning|Samba remote code execution vulnerability, affecting 7 years ago version-bug warning-the black bar safety net

2017-05-25 00:00:00

Samba remote code execution vulnerability(CVE-2017-7494)-SambaCry analysis report-vulnerability warning-the black bar safety net

2017-05-28 00:00:00

ibm

Security Bulletin: Open Source Samba Samba Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-7494)

2018-06-15 07:08:02

Security Bulletin: Vulnerability CVE-2017-7494 in Samba affects IBM i

2019-12-18 14:26:38

Security Bulletin: Samba vulnerability issue in IBM SONAS (CVE-2017-7494)

2018-06-18 00:34:57

openvas

Debian Security Advisory DSA 3860-1 (samba - security update)

2017-05-24 00:00:00

CentOS Update for libsmbclient CESA-2017:1270 centos6

2017-05-26 00:00:00

SUSE: Security Advisory (SUSE-SU-2017:1396-1)

2021-04-19 00:00:00

debian

[SECURITY] [DSA 3860-1] samba security update

2017-05-24 07:35:00

[SECURITY] [DSA 3860-1] samba security update

2017-05-24 07:35:00

[SECURITY] [DLA 951-1] samba security update

2017-05-24 08:11:20

fedora

[SECURITY] Fedora 26 Update: samba-4.6.4-0.fc26

2017-06-03 17:39:59

[SECURITY] Fedora 25 Update: samba-4.5.10-0.fc25

2017-05-27 03:06:08

[SECURITY] Fedora 24 Update: samba-4.4.14-0.fc24

2017-05-27 02:53:53

archlinux

[ASA-201705-22] samba: arbitrary code execution

2017-05-30 00:00:00

ubuntucve

CVE-2017-7494

2017-05-24 00:00:00

suse

Security update for samba (important)

2017-05-24 15:09:27

Security update for samba (important)

2017-05-24 15:09:57

Security update for samba (important)

2017-05-24 15:10:25

saint

Samba shared library upload and execution

2017-06-08 00:00:00

Samba shared library upload and execution

2017-06-08 00:00:00

Samba shared library upload and execution

2017-06-08 00:00:00

zdt

Samba is_known_pipename() Arbitrary Module Load Exploit

2017-05-30 00:00:00

Samba 3.5.0 - Remote code execution Exploit

2017-05-25 00:00:00

veracode

Remote Code Execution (RCE)

2019-01-15 09:17:29

altlinux

Security fix for the ALT Linux 7 package samba-DC version 4.5.10-alt1.M70P.1

2017-05-25 00:00:00

Security fix for the ALT Linux 8 package samba-DC version 4.6.4-alt1

2017-05-24 00:00:00

Security fix for the ALT Linux 10 package samba version 4.6.4-alt1.S1

2017-05-24 00:00:00

threatpost

Samba Patches Critical Bug Exploitable With One Line Of Code

2017-05-25 12:20:32

Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability

2017-06-12 09:34:17

Cisco, Netgear Readying Patches for Samba Vulnerability

2017-05-31 13:51:56

oraclelinux

samba4 security update

2017-05-24 00:00:00

samba security update

2017-05-24 00:00:00

samba3x security update

2017-05-26 00:00:00

rapid7community

Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose

2017-05-25 21:22:37

Patching CVE-2017-7494 in Samba: It’s the Circle of Life

2017-05-27 02:51:04

Metasploit Wrapup

2017-06-02 15:21:31

avleonov

New vulnersBot for Telegram with advanced searches and subscriptions

2017-05-28 10:59:52

prion

Remote code execution

2017-05-30 18:29:00

redhat

(RHSA-2017:1273) Important: samba security update

2017-05-24 07:27:07

(RHSA-2017:1272) Important: samba3x security update

2017-05-24 00:00:00

(RHSA-2017:1271) Important: samba4 security update

2017-05-24 07:26:37

cisco

Vulnerability in Samba Affecting Cisco Products: May 2017

2017-05-30 19:30:00

canvas

Immunity Canvas: SAMBA_IS_KNOWN_PIPENAME

2017-05-30 18:29:00

centos

samba4 security update

2017-05-25 13:07:15

ctdb, libsmbclient, libwbclient, samba security update

2017-05-25 13:08:37

cisa_kev

Samba Remote Code Execution Vulnerability

2023-03-30 00:00:00

ubuntu

Samba vulnerability

2017-05-24 00:00:00

Samba vulnerability

2017-05-24 00:00:00

packetstorm

Samba 3.5.0 Remote Code Execution

2017-05-25 00:00:00

Samba is_known_pipename() Arbitrary Module Load

2017-05-27 00:00:00

Samba is_known_pipename() Code Execution

2017-06-02 00:00:00

samba

Remote code execution from a writable share.

2017-05-24 00:00:00

exploitpack

Samba 3.5.0 - Remote Code Execution

2017-05-24 00:00:00

securelist

SambaCry is coming

2017-06-09 22:07:16

osv

CVE-2017-7494

2017-05-30 18:29:00

samba - security update

2017-05-24 00:00:00

samba - security update

2017-05-24 00:00:00

redhatcve

CVE-2017-7494

2021-03-13 22:06:40

attackerkb

CVE-2017-7494

2017-05-30 00:00:00

debiancve

CVE-2017-7494

2017-05-30 18:29:00

ics

Potential Legacy Risk from Malware Targeting QNAP NAS Devices

2020-08-06 12:00:00

slackware

[slackware-security] samba

2017-05-24 20:34:46

metasploit

Samba is_known_pipename() Arbitrary Module Load

2017-05-25 00:42:04

seebug

Samba remote code execution vulnerability(CVE-2017-7494)

2017-05-25 00:00:00

talosblog

Samba Vulnerability: Dancing Its Way to a Network Near You

2017-05-25 00:31:00

huawei

Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products

2017-06-13 00:00:00

Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products

2017-11-29 00:00:00

alpinelinux

CVE-2017-7494

2017-05-30 18:29:00

freebsd

samba -- remote code execution vulnerability

2017-05-24 00:00:00

qualysblog

Samba Vulnerability CVE-2017-7494

2017-05-26 20:32:57

K13551136 : Samba remote code execution vulnerability CVE-2017-7494

2017-05-25 00:00:00

cve

CVE-2017-7494

2017-05-30 18:29:00

exploitdb

Samba 3.5.0 - Remote Code Execution

2017-05-24 00:00:00

Samba 3.5.0 < 4.4.14/4.5.10/4.6.4 - 'is_known_pipename()' Arbitrary Module Load (Metasploit)

2017-05-29 00:00:00

nmap

riak-http-info NSE Script

2012-01-02 11:37:38

cics-enum NSE Script

2016-12-08 21:27:09

qscan NSE Script

2010-03-21 20:05:31

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for CISA:384A71FB1AD858FAC86EEB1A7660E778