[Samba] CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
Data Control Systems - Mike Elkevizth
mike at datacontrolsystems.com
Thu May 25 16:59:23 UTC 2017

According to the changelog from Ubuntu
(http://changelogs.ubuntu.com/changelogs/pool/main/s/samba/samba_4.3.11+dfsg-0ubuntu0.16.04.7/changelog),
this fix has been backported into the Ubuntu 4.3.11 packages.

samba (2:4.3.11+dfsg-0ubuntu0.16.04.7) xenial-security; urgency=medium

  * SECURITY UPDATE: remote code execution from a writable share
    - debian/patches/CVE-2017-7494.patch: refuse to open pipe names with a
      slash inside in source3/rpc_server/srv_pipe.c.
    - CVE-2017-7494

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Fri, 19 May 2017 14:18:13 -0400

Mike E.
On Thu, May 25, 2017 at 12:54 PM, Anderson Hoffmann do Carmo via samba <
samba at lists.samba.org> wrote:
> Hi
>
> We have one SAMBA 4.3.11-ubuntu server in Active Directory mode with
> some Windows clients.
> The Ubuntu repository does not update the samba package (last version is 4.3.11).
>
> Please, how can I fix CVE-2017-7494 (Remote code execution from a
> writable share) in my SAMBA server?
>
> Will the option 'nt pipe support = no' influence how SAMBA_AD works?
>
>
> Anderson Hoffmann
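
Added example, not part of the original thread: because the upstream version string stays at 4.3.11 while the fix arrives in the Ubuntu package revision, the installed package has to be compared against the full fixed version from the changelog quoted above. The function names are hypothetical, and the `sort -V` fallback is an approximation assumed only for hosts without dpkg.

```bash
#!/bin/sh
# Fixed package version, taken from the Ubuntu changelog quoted in the thread.
FIXED='2:4.3.11+dfsg-0ubuntu0.16.04.7'

# version_ge A B: succeed when package version A is at least B.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        # Authoritative Debian ordering (epoch, upstream version, revision).
        dpkg --compare-versions "$1" ge "$2"
    else
        # Assumption: GNU sort -V is available. It orders same-epoch strings
        # like these correctly but does not implement full Debian rules.
        [ "$(printf '%s\n%s\n' "$2" "$1" | sort -V | head -n 1)" = "$2" ]
    fi
}

# samba_status VERSION: print the verdict for one package version string.
samba_status() {
    if version_ge "$1" "$FIXED"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# check_installed: read the installed samba version from the package database.
check_installed() {
    v=$(dpkg-query -W -f='${Version}' samba 2>/dev/null) || v=''
    if [ -z "$v" ]; then
        echo "not-installed"
        return 0
    fi
    echo "samba $v: $(samba_status "$v")"
}

check_installed
```

Both a package at revision `0ubuntu0.16.04.6` (a constructed sample) and one at `0ubuntu0.16.04.7` report an upstream version of 4.3.11, which is why the full package version is the value to compare.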