2017-09-14
ALT-BU-2017-3346-1
Branch c6 update bulletin.
Closed vulnerabilities
Published: 2017-05-24
BDU:2017-01262
Уязвимость сетевой файловой системы Samba, позволяющая выполнить произвольный код
Severity: CRITICAL (9.8)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2017-05-30
Modified: 2025-02-07
Modified: 2025-02-07
CVE-2017-7494
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- DSA-3860
- DSA-3860
- 98636
- 98636
- 1038552
- 1038552
- RHSA-2017:1270
- RHSA-2017:1270
- RHSA-2017:1271
- RHSA-2017:1271
- RHSA-2017:1272
- RHSA-2017:1272
- RHSA-2017:1273
- RHSA-2017:1273
- RHSA-2017:1390
- RHSA-2017:1390
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-095-01+Security+Notification+Umotion+V1.1.pdf&p_Doc_Ref=SEVD-2018-095-01
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-095-01+Security+Notification+Umotion+V1.1.pdf&p_Doc_Ref=SEVD-2018-095-01
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03759en_us
- GLSA-201805-07
- GLSA-201805-07
- https://security.netapp.com/advisory/ntap-20170524-0001/
- https://security.netapp.com/advisory/ntap-20170524-0001/
- 42060
- 42060
- 42084
- 42084
- https://www.samba.org/samba/security/CVE-2017-7494.html
- https://www.samba.org/samba/security/CVE-2017-7494.html