Your submission was sent successfully! Close

CVE-2017-7494

Published: 24 May 2017

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

Priority

High

CVSS 3 base score: 9.8

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
precise
Released (2:3.6.25-0ubuntu0.12.04.11)
trusty
Released (2:4.3.11+dfsg-0ubuntu0.14.04.8)
upstream Needs triage

xenial
Released (2:4.3.11+dfsg-0ubuntu0.16.04.7)
yakkety
Released (2:4.4.5+dfsg-2ubuntu5.6)
zesty
Released (2:4.5.8+dfsg-0ubuntu0.17.04.2)