CVSS: 10.0EPSS: 97%CPEs: 5EXPL: 10CVE-2017-7494 – Samba Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7494
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba desde la versión 3.5.0 y anteriores a 4.6.4, versiones 4.5.10 y 4.4.14, son vulnerables a la ejecución de código remota, lo que permite que un cliente malicioso cargar una biblioteca compartida en un recurso compartido editable, y luego causar que el servidor lo cargue y ejecute. A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it. • https://github.com/opsxcq/exploit-CVE-2017-7494 https://www.exploit-db.com/exploits/42060 https://www.exploit-db.com/exploits/42084 https://github.com/joxeankoret/CVE-2017-7494 https://github.com/homjxi0e/CVE-2017-7494 https://github.com/0xm4ud/noSAMBAnoCRY-CVE-2017-7494 https://github.com/incredible1yu/CVE-2017-7494 https://github.com/00mjk/exploit-CVE-2017-7494 https://github.com/Zer0d0y/Samba-CVE-2017-7494 https://github.com/adjaliya/-CVE-2017-7494-Samba-Exploit-PO • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1CVE-2017-2619 – Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory
https://notcve.org/view.php?id=CVE-2017-2619
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. Samba, en versiones anteriores a 4.6.1, 4.5.7 y 4.4.11, es vulnerable a un cliente malicioso que emplee una carrera symlink para permitir el acceso a áreas del sistema de archivos del servidor que no se exportan bajo la definición compartida. A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. Samba suffers from a symlink race that permits opening files outside of the share directory. • https://www.exploit-db.com/exploits/41740 http://www.securityfocus.com/bid/97033 http://www.securitytracker.com/id/1038117 https://access.redhat.com/errata/RHSA-2017:1265 https://access.redhat.com/errata/RHSA-2017:2338 https://access.redhat.com/errata/RHSA-2017:2778 https://access.redhat.com/errata/RHSA-2017:2789 https://bugzilla.redhat.com/show_bug.cgi?id=1429472 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us https:/& • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •