Samba shared library upload and execution

2017-06-08T00:00:00
ID SAINT:C50A339EFD5B2F96051BC00F96014CAA
Type saint
Reporter SAINT Corporation
Modified 2017-06-08T00:00:00

Description

Added: 06/08/2017
CVE: CVE-2017-7494
BID: 98636

Background

Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.

Problem

A vulnerability in Samba allows a remote attacker to upload a shared object library to a writable share, and then cause the server to load and execute it.

Resolution

Upgrade to Samba 4.4.14, 4.5.10, or 4.6.4 or higher, or install an updated package from your Linux vendor.

References

<https://www.samba.org/samba/security/CVE-2017-7494.html>

Limitations

Exploit works against Ubuntu 14.04 and requires the login and password of an account with write access to a Samba share on the target unless an anonymously writable share exists.

Platforms

Linux