CVE-2017-7494 Samba vulnerability, patch your installation now!

Pierluigi Paganini May 25, 2017

A seven-year-old remote code execution vulnerability, tracked as CVE-2017-7494, affects all versions of the Samba software since 3.5.0.

https://twitter.com/hdmoore/status/867446072670646277

nt pipe support = no

to their Samba configuration file and restarting the network’s SMB daemon.

The change will limit clients from accessing some network computers.

The Samba bug appears to be a network wormable issue that could be exploited by a malicious code to self-replicate from vulnerable machine to vulnerable machine without requiring user interaction.

Hurry up, the exploit for the Samba bug is expected to be available in the days for the Metasploit framework.

HD Moore, who is vice president of research and development at Atredis Partners, posted the following images showing successful exploits against Samba on a computer running Ubuntu and NAS device made by Synology.

https://twitter.com/hdmoore/status/867490406111604736

ubuntu samba exploit

The first crack at a Metasploit PR for Samba CVE-2017-7494 already appeared on GitHub.

https://twitter.com/hdmoore/status/867543332653871105

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – CVE-2017-7494, Samba bug)

[adrotate banner=”13″]



you might also like

leave a comment