[Samba] CVE-2017-7494 in SAMBA-AD 4.3.11-ubuntu
Anderson Hoffmann do Carmo
anderson.hoffmann at gsurfnet.com
Thu May 25 17:13:43 UTC 2017
Hi Mike
Thank you for the information! :-)
Anderson Hoffmann
2017-05-25 13:59 GMT-03:00 Data Control Systems - Mike Elkevizth <mike at datacontrolsystems.com>:
> According to the changelog from Ubuntu
> (http://changelogs.ubuntu.com/changelogs/pool/main/s/samba/samba_4.3.11+dfsg-0ubuntu0.16.04.7/changelog)
> this fix has been backported into the Ubuntu 4.3.11 packages.
>
> samba (2:4.3.11+dfsg-0ubuntu0.16.04.7) xenial-security; urgency=medium
>
> * SECURITY UPDATE: remote code execution from a writable share
> - debian/patches/CVE-2017-7494.patch: refuse to open pipe names with a
> slash inside in source3/rpc_server/srv_pipe.c.
> - CVE-2017-7494
>
> -- Marc Deslauriers <marc.deslauriers at ubuntu.com> Fri, 19 May 2017 14:18:13 -0400
>
> Mike E.
>
>
> On Thu, May 25, 2017 at 12:54 PM, Anderson Hoffmann do Carmo via samba <samba at lists.samba.org> wrote:
>
>> Hi
>>
>> We have one SAMBA 4.3.11-ubuntu server in Active Directory mode with
>> some Windows clients.
>> The Ubuntu repository has not updated the samba package (the latest version is 4.3.11).
>>
>> Please, how can I fix CVE-2017-7494 (Remote code execution from a
>> writable share) in my SAMBA server?
>>
>> Will the option 'nt pipe support = no' influence how SAMBA_AD works?
>>
>>
>> Anderson Hoffmann
>
>
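Added example, not part of the original thread and not Samba or Ubuntu tooling: because the fix was backported, the upstream version string stays at 4.3.11, so the package changelog is the place to confirm it. The function names are hypothetical, the first sample entry follows the one quoted above, the second is constructed, and the changelog path in the comment assumes the usual Debian/Ubuntu packaging layout.

```shell
#!/bin/sh
# cve_fixed_versions CVE-ID
# Reads a Debian-format changelog on stdin and prints the version of every
# entry that mentions the CVE id (one line per entry, newest first).
cve_fixed_versions() {
    awk -v cve="$1" '
        # Entry header: "package (version) distribution; urgency=level"
        /^[a-z0-9][a-z0-9+.-]* \(.*\) .*;/ {
            version = $2
            gsub(/[()]/, "", version)
            reported = 0
            next
        }
        # Match the id only when no further digit follows, so a shorter id
        # is not reported as fixed by a longer one that shares its prefix.
        version != "" && !reported && $0 ~ (cve "([^0-9]|$)") {
            print version
            reported = 1
        }
    '
}

# is_cve_fixed CVE-ID: exit status 0 if any entry on stdin mentions the id.
is_cve_fixed() {
    [ -n "$(cve_fixed_versions "$1")" ]
}

# Constructed sample input: first entry as quoted in the thread, second
# entry invented as an older release with no CVE reference.
sample_changelog() {
    cat <<'EOF'
samba (2:4.3.11+dfsg-0ubuntu0.16.04.7) xenial-security; urgency=medium

  * SECURITY UPDATE: remote code execution from a writable share
    - debian/patches/CVE-2017-7494.patch: refuse to open pipe names with a
      slash inside in source3/rpc_server/srv_pipe.c.
    - CVE-2017-7494

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Fri, 19 May 2017 14:18:13 -0400

samba (0.0~constructed-older) xenial; urgency=low

  * Constructed older entry with no CVE reference.
EOF
}

# On a real host (assumed path):
#   zcat /usr/share/doc/samba/changelog.Debian.gz | cve_fixed_versions CVE-2017-7494
```

An empty result on the installed package's changelog means the entry carrying the fix is not present in that package build.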