[manjaro-security] [arch-security] [ASA-201705-22] samba: arbitrary code execution

Remi Gacogne rgacogne at archlinux.org
Tue May 30 20:03:44 CEST 2017

Arch Linux Security Advisory ASA-201705-22
==========================================

Severity: High
Date    : 2017-05-30
CVE-ID  : CVE-2017-7494
Package : samba
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-279


Summary
=======

The package samba before version 4.5.10-1 is vulnerable to arbitrary
code execution.


Resolution
==========

Upgrade to 4.5.10-1.

# pacman -Syu "samba>=4.5.10-1"

The problem has been fixed upstream in version 4.5.10.


Workaround
==========

Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note that
this can disable some expected functionality for Windows clients.
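As an added example, not taken from the advisory or from the Samba project, the following POSIX shell script checks whether an smb.conf already carries the workaround in its [global] section and applies it when it is missing. The config it operates on is a constructed sample written to a temp file; on an Arch-based system the real file is assumed to be /etc/samba/smb.conf.

```shell
#!/bin/sh
# Added example, not part of the advisory or of Samba itself: check whether an
# smb.conf already sets "nt pipe support = no" in [global] and apply it if not.
# The sample config below is constructed; the real file on Arch is assumed to
# be /etc/samba/smb.conf.

# Exit 0 if [global] in $1 sets "nt pipe support" to a false value.
# Samba parameter names are case-insensitive and whitespace inside them is
# ignored; "no", "false" and "0" all mean false; ';' and '#' start comments.
# Parameters that appear before any section header also belong to [global].
nt_pipe_disabled() {
    awk '
        BEGIN { sect = "global" }
        /^[[:space:]]*\[/ { sect = tolower($0); gsub(/\[|\]|[[:space:]]/, "", sect); next }
        sect == "global" {
            line = tolower($0); sub(/[;#].*/, "", line)
            if (line ~ /^[[:space:]]*nt[[:space:]]*pipe[[:space:]]*support[[:space:]]*=[[:space:]]*(no|false|0)[[:space:]]*$/)
                found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Apply the workaround to $1: drop any existing "nt pipe support" line inside
# [global] (Samba keeps the last value it reads, so an explicit "= yes" later
# in the section would otherwise win), then insert "nt pipe support = no"
# directly after the [global] header, creating that section when the file has
# none. Exit 0 only if the check above passes afterwards.
disable_nt_pipe() {
    nt_pipe_disabled "$1" && return 0
    tmp="$1.tmp.$$"
    if grep -qi '^[[:space:]]*\[global\]' "$1"; then
        awk '
            BEGIN { sect = "global" }
            /^[[:space:]]*\[/ { sect = tolower($0); gsub(/\[|\]|[[:space:]]/, "", sect) }
            sect == "global" && tolower($0) ~ /^[[:space:]]*nt[[:space:]]*pipe[[:space:]]*support[[:space:]]*=/ { next }
            { print }
            sect == "global" && /^[[:space:]]*\[/ && !done { print "\tnt pipe support = no"; done = 1 }
        ' "$1" > "$tmp"
    else
        { printf '[global]\n\tnt pipe support = no\n'; cat "$1"; } > "$tmp"
    fi
    mv "$tmp" "$1" && nt_pipe_disabled "$1"
}

# Constructed sample: the workaround is only present as a comment, and the
# pipe support is explicitly switched on.
cfg="$(mktemp)"
cat > "$cfg" <<'EOF'
[global]
   workgroup = WORKGROUP
   server string = Samba Server (constructed sample)
   ; nt pipe support = no   <- commented out, so not in effect
   nt pipe support = yes

[public]
   path = /srv/samba/public
   writable = yes
EOF

if nt_pipe_disabled "$cfg"; then
    echo "workaround already present"
else
    echo "workaround missing, applying it"
    disable_nt_pipe "$cfg"
fi
grep -n -i 'nt pipe support' "$cfg"
```

The check reads only the one file it is given, so a value pulled in through an `include =` or `config file =` directive is not seen. After editing the real smb.conf, run `testparm` to confirm Samba still parses it, then restart smbd as the advisory says.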


Description
===========

All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.


Impact
======

A malicious authenticated client can execute arbitrary code on the
affected host by uploading a shared library to a writable share.
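Because the issue needs an attacker-controlled shared library sitting on a writable share, a first triage step on a server that could not be patched in time is to find out which shares are writable and whether any ELF objects have appeared under them. The following shell script does that; it is an added example, not part of the advisory or of Samba, and the smb.conf, directories and files it works on are constructed in a temp directory. `testparm -s` is the Samba tool for the effective per-share settings.

```shell
#!/bin/sh
# Added example, not part of the advisory or of Samba: list the shares an
# smb.conf declares writable and look under their paths for ELF objects.
# The config, directories and files below are constructed in a temp dir.

# Print "share<TAB>path" for every non-global section whose own settings make
# it writable. Only the section's own lines are read: a default such as
# "read only = no" placed in [global] is not inherited here, so treat the
# output as a first pass and confirm effective values with `testparm -s`.
# Sections without a path (e.g. [homes], [printers]) are skipped.
writable_shares() {
    awk '
        function flush() {
            if (sect != "" && sect != "global" && path != "" && writable) print sect "\t" path
        }
        /^[[:space:]]*\[/ {
            flush()
            sect = tolower($0); gsub(/\[|\]|[[:space:]]/, "", sect)
            path = ""; writable = 0
            next
        }
        {
            line = $0; sub(/[;#].*/, "", line)
            eq = index(line, "="); if (eq == 0) next
            key = tolower(substr(line, 1, eq - 1))
            gsub(/^[[:space:]]+|[[:space:]]+$/, "", key); gsub(/[[:space:]]+/, " ", key)
            raw = substr(line, eq + 1); gsub(/^[[:space:]]+|[[:space:]]+$/, "", raw)
            val = tolower(raw)
            if (key == "path") path = raw
            else if (key == "writable" || key == "writeable" || key == "write ok")
                writable = (val == "yes" || val == "true" || val == "1")
            else if (key == "read only")
                writable = (val == "no" || val == "false" || val == "0")
        }
        END { flush() }
    ' "$1"
}

# Exit 0 if file $1 starts with the ELF magic bytes 7f 45 4c 46.
is_elf() {
    [ "$(head -c 4 "$1" 2>/dev/null | od -An -tx1 | tr -d ' \n')" = "7f454c46" ]
}

# Walk every writable share path declared in config $1 and print
# "share<TAB>file" for each ELF object found.
find_elf_in_writable_shares() {
    writable_shares "$1" | while IFS="$(printf '\t')" read -r name dir; do
        [ -d "$dir" ] || continue
        find "$dir" -type f 2>/dev/null | while read -r f; do
            if is_elf "$f"; then printf '%s\t%s\n' "$name" "$f"; fi
        done
    done
}

# Constructed sample: two writable shares, one read-only share, and a file
# carrying only the ELF magic bytes in each of a writable and a read-only share.
tmp="$(mktemp -d)"
mkdir -p "$tmp/public" "$tmp/docs" "$tmp/drop"
printf 'just text\n' > "$tmp/public/notes.txt"
printf '\177ELF\002\001\001' > "$tmp/public/dropped.so"   # constructed, magic only
printf '\177ELF\002\001\001' > "$tmp/docs/lib.so"         # read-only share, not reported
cfg="$tmp/smb.conf"
cat > "$cfg" <<EOF
[global]
   workgroup = WORKGROUP

[public]
   path = $tmp/public
   writable = yes

[docs]
   path = $tmp/docs
   read only = yes

[drop]
   path = $tmp/drop
   read only = no
EOF

echo "writable shares:"; writable_shares "$cfg"
echo "ELF objects on writable shares:"; find_elf_in_writable_shares "$cfg"
```

A hit is a lead, not proof: a share used for software distribution will legitimately hold ELF files. What matters is a shared object appearing on a share that should only carry documents, and on an unpatched server the listed shares are the ones where the workaround or the upgrade matters most.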


