Lucene search
F5F5:K13551136HistoryMay 25, 2017 - 12:00 a.m.
K13551136 : Samba remote code execution vulnerability CVE-2017-7494
2017-05-2500:00:00
my.f5.com
89
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Security Advisory Description
All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. (CVE-2017-7494)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 |
Related
altlinux
altlinux
Security fix for the ALT Linux 7 package samba-DC version 4.5.10-alt1.M70P.1
2017-05-25 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.6.4-alt1
2017-05-24 00:00:00
Security fix for the ALT Linux 10 package samba version 4.6.4-alt1.S1
2017-05-24 00:00:00
ibm
ibm
Security Bulletin: Vulnerability CVE-2017-7494 in Samba affects IBM i
2019-12-18 14:26:38
Security Bulletin: Open Source Samba Samba Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-7494)
2018-06-15 07:08:02
Security Bulletin: Samba vulnerability issue in IBM SONAS (CVE-2017-7494)
2018-06-18 00:34:57
oraclelinux
oraclelinux
samba4 security update
2017-05-24 00:00:00
samba security update
2017-05-24 00:00:00
samba3x security update
2017-05-26 00:00:00
nessus
nessus
Slackware 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : samba (SSA:2017-144-01) (SambaCry)
2017-05-25 00:00:00
openSUSE Security Update : samba (openSUSE-2017-618) (SambaCry)
2017-05-30 00:00:00
Fedora 25 : 2:samba (2017-642a0eca75) (SambaCry)
2017-05-30 00:00:00
threatpost
threatpost
Samba Patches Critical Bug Exploitable With One Line Of Code
2017-05-25 12:20:32
Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability
2017-06-12 09:34:17
Cisco, Netgear Readying Patches for Samba Vulnerability
2017-05-31 13:51:56
cisa
cisa
Samba Releases Security Updates
2017-05-24 00:00:00
rapid7community
rapid7community
Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose
2017-05-25 21:22:37
Patching CVE-2017-7494 in Samba: It’s the Circle of Life
2017-05-27 02:51:04
avleonov
avleonov
New vulnersBot for Telegram with advanced searches and subscriptions
2017-05-28 10:59:52
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1393-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-3296-1)
2017-05-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1391-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2017:1273) Important: samba security update
2017-05-24 07:27:07
(RHSA-2017:1272) Important: samba3x security update
2017-05-24 00:00:00
(RHSA-2017:1271) Important: samba4 security update
2017-05-24 07:26:37
suse
suse
Security update for samba (important)
2017-05-24 21:12:15
Security update for samba (important)
2017-05-24 15:10:25
Security update for samba (important)
2017-05-24 15:09:27
cisco
cisco
Vulnerability in Samba Affecting Cisco Products: May 2017
2017-05-30 19:30:00
prion
prion
Remote code execution
2017-05-30 18:29:00
canvas
canvas
Immunity Canvas: SAMBA_IS_KNOWN_PIPENAME
2017-05-30 18:29:00
zdt
zdt
Samba 3.5.0 - Remote code execution Exploit
2017-05-25 00:00:00
Samba is_known_pipename() Arbitrary Module Load Exploit
2017-05-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Linux EternalRed Samba Remote Code Execution (CVE-2017-7494)
2017-05-25 00:00:00
thn
thn
CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware
2017-07-27 00:40:00
Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems
2017-06-10 01:16:00
7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely
2017-05-24 20:23:00
myhack58
myhack58
debian
debian
[SECURITY] [DSA 3860-1] samba security update
2017-05-24 07:35:00
[SECURITY] [DSA 3860-1] samba security update
2017-05-24 07:35:00
[SECURITY] [DLA 951-1] samba security update
2017-05-24 08:11:20
fedora
fedora
[SECURITY] Fedora 26 Update: samba-4.6.4-0.fc26
2017-06-03 17:39:59
[SECURITY] Fedora 25 Update: samba-4.5.10-0.fc25
2017-05-27 03:06:08
[SECURITY] Fedora 24 Update: samba-4.4.14-0.fc24
2017-05-27 02:53:53
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:17:29
ubuntucve
ubuntucve
CVE-2017-7494
2017-05-24 00:00:00
archlinux
archlinux
[ASA-201705-22] samba: arbitrary code execution
2017-05-30 00:00:00
saint
saint
Samba shared library upload and execution
2017-06-08 00:00:00
Samba shared library upload and execution
2017-06-08 00:00:00
Samba shared library upload and execution
2017-06-08 00:00:00
centos
centos
samba4 security update
2017-05-25 13:07:15
ctdb, libsmbclient, libwbclient, samba security update
2017-05-25 13:08:37
cisa_kev
cisa_kev
Samba Remote Code Execution Vulnerability
2023-03-30 00:00:00
ubuntu
ubuntu
Samba vulnerability
2017-05-24 00:00:00
Samba vulnerability
2017-05-24 00:00:00
packetstorm
packetstorm
Samba 3.5.0 Remote Code Execution
2017-05-25 00:00:00
Samba is_known_pipename() Arbitrary Module Load
2017-05-27 00:00:00
Samba is_known_pipename() Code Execution
2017-06-02 00:00:00
samba
samba
Remote code execution from a writable share.
2017-05-24 00:00:00
securelist
securelist
SambaCry is coming
2017-06-09 22:07:16
exploitpack
exploitpack
Samba 3.5.0 - Remote Code Execution
2017-05-24 00:00:00
redhatcve
redhatcve
CVE-2017-7494
2021-03-13 22:06:40
debiancve
debiancve
CVE-2017-7494
2017-05-30 18:29:00
ics
ics
Potential Legacy Risk from Malware Targeting QNAP NAS Devices
2020-08-06 12:00:00
metasploit
metasploit
Samba is_known_pipename() Arbitrary Module Load
2017-05-25 00:42:04
osv
osv
CVE-2017-7494
2017-05-30 18:29:00
samba - security update
2017-05-24 00:00:00
samba - security update
2017-05-24 00:00:00
attackerkb
attackerkb
CVE-2017-7494
2017-05-30 00:00:00
slackware
slackware
[slackware-security] samba
2017-05-24 20:34:46
seebug
seebug
Samba remote code execution vulnerability(CVE-2017-7494)
2017-05-25 00:00:00
talosblog
talosblog
Samba Vulnerability: Dancing Its Way to a Network Near You
2017-05-25 00:31:00
huawei
huawei
qualysblog
qualysblog
Samba Vulnerability CVE-2017-7494
2017-05-26 20:32:57
alpinelinux
alpinelinux
CVE-2017-7494
2017-05-30 18:29:00
cve
cve
CVE-2017-7494
2017-05-30 18:29:00
freebsd
freebsd
samba -- remote code execution vulnerability
2017-05-24 00:00:00
exploitdb
exploitdb
Samba 3.5.0 < 4.4.14/4.5.10/4.6.4 - 'is_known_pipename()' Arbitrary Module Load (Metasploit)
2017-05-29 00:00:00
Samba 3.5.0 - Remote Code Execution
2017-05-24 00:00:00
nmap
nmap
impress-remote-discover NSE Script
2017-03-04 19:54:56
dhcp-discover NSE Script
2009-09-10 03:26:53
cvs-brute NSE Script
2011-07-21 06:01:19
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Related for F5:K13551136