All versions of Samba from 3.5.0 onwards are vulnerable to a remote
code execution vulnerability, allowing a malicious client to upload a
shared library to a writable share, and then cause the server to load
and execute it.

Patch Availability

A patch addressing this defect has been posted to

http://www.samba.org/samba/security/

Additionally, Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as
security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.

Workaround

Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note this
can disable some expected functionality for Windows clients.

Credits

This problem was found by steelo <[email protected]>. Volker
Lendecke of SerNet and the Samba Team provided the fix.

nessus 25

fedora 3

openvas 21

thn 4

myhack58 4

veracode 1

checkpoint_advisories 1

ubuntucve 1

archlinux 1

saint 3

debian 1

ibm 6

zdt 2

securelist 1

packetstorm 3

threatpost 3

redhat 5

cisa_kev 1

exploitpack 1

ubuntu 1

centos 2

altlinux 5

attackerkb 1

redhatcve 1

osv 1

ics 1

metasploit 1

debiancve 1

slackware 1

seebug 1

cisa 1

oraclelinux 3

avleonov 1

prion 1

canvas 1

cisco 1

rapid7community 3

huawei 2

talosblog 1

alpinelinux 1

qualysblog 1

cvelist 1

freebsd 1

cve 1

f5 1

exploitdb 2

nmap 74

nessus

CentOS 6 : samba4 (CESA-2017:1271) (SambaCry)

2017-05-26 00:00:00

Fedora 26 : 2:samba (2017-c729c6123c) (SambaCry)

2017-07-17 00:00:00

Ubuntu 12.04 LTS : samba vulnerability (USN-3296-2) (SambaCry)

2017-05-25 00:00:00

fedora

[SECURITY] Fedora 26 Update: samba-4.6.4-0.fc26

2017-06-03 17:39:59

[SECURITY] Fedora 25 Update: samba-4.5.10-0.fc25

2017-05-27 03:06:08

[SECURITY] Fedora 24 Update: samba-4.4.14-0.fc24

2017-05-27 02:53:53

openvas

Debian Security Advisory DSA 3860-1 (samba - security update)

2017-05-24 00:00:00

Debian: Security Advisory (DLA-951-1)

2018-01-24 00:00:00

CentOS Update for libsmbclient CESA-2017:1270 centos6

2017-05-26 00:00:00

thn

CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware

2017-07-27 00:40:00

Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems

2017-06-10 01:16:00

7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

2017-05-24 20:23:00

myhack58

SambaCry exploit analysis-exploit warning-the black bar safety net

2017-06-13 00:00:00

Vulnerability warning|Samba remote code execution vulnerability, affecting 7 years ago version-bug warning-the black bar safety net

2017-05-25 00:00:00

Samba remote code execution vulnerability(CVE-2017-7494)-SambaCry analysis report-vulnerability warning-the black bar safety net

2017-05-28 00:00:00

veracode

Remote Code Execution (RCE)

2019-01-15 09:17:29

checkpoint_advisories

Linux EternalRed Samba Remote Code Execution (CVE-2017-7494)

2017-05-25 00:00:00

ubuntucve

CVE-2017-7494

2017-05-24 00:00:00

archlinux

[ASA-201705-22] samba: arbitrary code execution

2017-05-30 00:00:00

saint

Samba shared library upload and execution

2017-06-08 00:00:00

Samba shared library upload and execution

2017-06-08 00:00:00

Samba shared library upload and execution

2017-06-08 00:00:00

debian

[SECURITY] [DSA 3860-1] samba security update

2017-05-24 07:35:00

ibm

Security Bulletin: Open Source Samba Samba Vulnerabilities which is used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-7494)

2018-06-15 07:08:02

Security Bulletin: Samba vulnerability issue in IBM SONAS (CVE-2017-7494)

2018-06-18 00:34:57

Security Bulletin: Vulnerability CVE-2017-7494 in Samba affects IBM i

2019-12-18 14:26:38

zdt

Samba is_known_pipename() Arbitrary Module Load Exploit

2017-05-30 00:00:00

Samba 3.5.0 - Remote code execution Exploit

2017-05-25 00:00:00

securelist

SambaCry is coming

2017-06-09 22:07:16

packetstorm

Samba 3.5.0 Remote Code Execution

2017-05-25 00:00:00

Samba is_known_pipename() Arbitrary Module Load

2017-05-27 00:00:00

Samba is_known_pipename() Code Execution

2017-06-02 00:00:00

threatpost

Cisco, Netgear Readying Patches for Samba Vulnerability

2017-05-31 13:51:56

Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability

2017-06-12 09:34:17

Samba Patches Critical Bug Exploitable With One Line Of Code

2017-05-25 12:20:32

redhat

(RHSA-2017:1271) Important: samba4 security update

2017-05-24 07:26:37

(RHSA-2017:1390) Important: samba security update

2017-06-05 05:47:14

(RHSA-2017:1273) Important: samba security update

2017-05-24 07:27:07

cisa_kev

Samba Remote Code Execution Vulnerability

2023-03-30 00:00:00

exploitpack

Samba 3.5.0 - Remote Code Execution

2017-05-24 00:00:00

ubuntu

Samba vulnerability

2017-05-24 00:00:00

centos

samba4 security update

2017-05-25 13:07:15

ctdb, libsmbclient, libwbclient, samba security update

2017-05-25 13:08:37

altlinux

Security fix for the ALT Linux 8 package samba-DC version 4.6.4-alt1

2017-05-24 00:00:00

Security fix for the ALT Linux 10 package samba version 4.6.4-alt1.S1

2017-05-24 00:00:00

Security fix for the ALT Linux 8 package samba version 4.6.4-alt1

2017-05-24 00:00:00

attackerkb

CVE-2017-7494

2017-05-30 00:00:00

redhatcve

CVE-2017-7494

2021-03-13 22:06:40

osv

CVE-2017-7494

2017-05-30 18:29:00

ics

Potential Legacy Risk from Malware Targeting QNAP NAS Devices

2020-08-06 12:00:00

metasploit

Samba is_known_pipename() Arbitrary Module Load

2017-05-25 00:42:04

debiancve

CVE-2017-7494

2017-05-30 18:29:00

slackware

[slackware-security] samba

2017-05-24 20:34:46

seebug

Samba remote code execution vulnerability(CVE-2017-7494)

2017-05-25 00:00:00

cisa

Samba Releases Security Updates

2017-05-24 00:00:00

oraclelinux

samba4 security update

2017-05-24 00:00:00

samba security update

2017-05-24 00:00:00

samba3x security update

2017-05-26 00:00:00

avleonov

New vulnersBot for Telegram with advanced searches and subscriptions

2017-05-28 10:59:52

prion

Remote code execution

2017-05-30 18:29:00

canvas

Immunity Canvas: SAMBA_IS_KNOWN_PIPENAME

2017-05-30 18:29:00

cisco

Vulnerability in Samba Affecting Cisco Products: May 2017

2017-05-30 19:30:00

rapid7community

Samba CVE-2017-7494: Scanning and Remediating in InsightVM and Nexpose

2017-05-25 21:22:37

Patching CVE-2017-7494 in Samba: It’s the Circle of Life

2017-05-27 02:51:04

Metasploit Wrapup

2017-06-02 15:21:31

huawei

Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products

2017-06-13 00:00:00

Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products

2017-11-29 00:00:00

talosblog

Samba Vulnerability: Dancing Its Way to a Network Near You

2017-05-25 00:31:00

alpinelinux

CVE-2017-7494

2017-05-30 18:29:00

qualysblog

Samba Vulnerability CVE-2017-7494

2017-05-26 20:32:57

cvelist

CVE-2017-7494

2017-05-30 18:00:00

freebsd

samba -- remote code execution vulnerability

2017-05-24 00:00:00

cve

CVE-2017-7494

2017-05-30 18:29:00

K13551136 : Samba remote code execution vulnerability CVE-2017-7494

2017-05-25 00:00:00

exploitdb

Samba 3.5.0 < 4.4.14/4.5.10/4.6.4 - 'is_known_pipename()' Arbitrary Module Load (Metasploit)

2017-05-29 00:00:00

Samba 3.5.0 - Remote Code Execution

2017-05-24 00:00:00

nmap

broadcast-wpad-discover NSE Script

2011-12-29 14:43:37

svn-brute NSE Script

2010-08-18 20:50:51

domcon-cmd NSE Script

2010-08-19 23:02:58

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.973 High

EPSS

Percentile

99.9%

JSON

Related for SAMBA:CVE-2017-7494