Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products

ID HUAWEI-SA-20170613-01-SAMBA
Type huawei
Reporter Huawei Technologies
Modified 2017-11-29T00:00:00


All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing an authenticated attacker to upload a shared library to a writable share and execute arbitrary code remotely on a targeted system. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect. (Vulnerability ID: HWPSIRT-2017-05176) This vulnerability has been assigned a CVE ID: CVE-2017-7494. Huawei has released software updates to fix this vulnerability. This advisory is available at the following link: