Samba shared library upload and execution

Added: 06/08/2017
CVE: CVE-2017-7494
BID: 98636

Background

Samba is a software package that implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.

Problem

A vulnerability in Samba allows a remote attacker to upload a shared object library to a writable share, and then cause the server to load and execute it.

Resolution

Upgrade to Samba 4.4.14, 4.5.10, or 4.6.4 or higher, or install an updated package from your Linux vendor.
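A triage check against the fixed releases listed above, as an added example that is not part of the original advisory or of Samba. It assumes the input is a version line such as the one printed by `smbd --version`; the function name, the result labels and the sample strings are constructed for illustration.

```python
import re

# Fixed releases from the Resolution section, keyed by (major, minor) branch.
FIXED = {(4, 4): 14, (4, 5): 10, (4, 6): 4}


def classify(version_line):
    """Return 'patched', 'upgrade', 'check-vendor' or 'unknown' for a version line."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(\S*)", version_line)
    if not m:
        return "unknown"  # no x.y.z version found in the input
    major, minor, patch = (int(g) for g in m.groups()[:3])
    suffix = m.group(4)  # e.g. "-Ubuntu", "+dfsg-..." on distribution builds
    branch = (major, minor)
    if branch in FIXED and patch >= FIXED[branch]:
        return "patched"
    if branch > max(FIXED):
        return "patched"  # branches newer than 4.6 are "or higher"
    # Below the fixed releases. Vendors backport fixes without changing the
    # upstream version number, so a distribution build cannot be judged from
    # this string alone: compare the package revision with the vendor advisory.
    return "check-vendor" if suffix else "upgrade"


if __name__ == "__main__":
    # Constructed sample inputs, not output captured from real hosts.
    samples = [
        "Version 4.6.4",
        "Version 4.5.9",
        "Version 4.3.11-Ubuntu",
        "Version 4.7.0",
        "smbd: command not found",
    ]
    for line in samples:
        print(f"{line!r:32} -> {classify(line)}")
```

A "check-vendor" result means the decision rests on the distribution's package revision, which this version string does not carry.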

References

https://www.samba.org/samba/security/CVE-2017-7494.html

Limitations

The exploit works against Ubuntu 14.04 and requires the login and password of an account with write access to a Samba share on the target, unless an anonymously writable share exists.

Platforms

Linux
