CVE-2017-7494 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in Samba affects v. 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
15 seconds
Time Interval
30 days
Scan only one
Domain, IPv4, Subdomain
Toolbox
-
Samba is an open-source software tool used for file and print services. It allows Unix-based systems to communicate with Windows-based systems and share resources. Its primary use is in network environments where multiple operating systems coexist, allowing easy communication and sharing of resources across different platforms. Samba is a critical tool for businesses that require cross-platform communication in their network infrastructure.
CVE-2017-7494, is a remote code execution vulnerability in Samba that was detected in versions prior to 4.6.4, 4.5.10, and 4.4.14. The vulnerability allows a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. This vulnerability could potentially give complete control of the system to the attacker.
If the vulnerability is exploited, an attacker could gain complete control of the system. For instance, the attacker could install malware, extract sensitive data, or even encrypt the files, thereby rendering the system unusable. The risk associated with this vulnerability is enormous, and immediate action is necessary to mitigate the risk.
s4e.io is a platform that provides comprehensive security insights to businesses and helps them identify vulnerabilities in their digital assets. With the pro features of this platform, businesses can easily and quickly learn about vulnerabilities in their digital assets, including Samba. By leveraging the insights provided by s4e.io, businesses can stay ahead of the curve and protect themselves against emerging cyber threats, safeguarding their critical data and ensuring that their business operations run smoothly.
REFERENCES
- securityfocus.com: 98636
- debian.org: DSA-3860
- exploit-db.com: 42084
- access.redhat.com: RHSA-2017:1270
- https://www.samba.org/samba/security/CVE-2017-7494.html
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-095-01+Security+Notification+Umotion+V1.1.pdf&p_Doc_Ref=SEVD-2018-095-01
- access.redhat.com: RHSA-2017:1390
- securitytracker.com: 1038552
- access.redhat.com: RHSA-2017:1273
- access.redhat.com: RHSA-2017:1271
- security.gentoo.org: GLSA-201805-07
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us
- access.redhat.com: RHSA-2017:1272
- https://security.netapp.com/advisory/ntap-20170524-0001/
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us
- exploit-db.com: 42060
