[Samba] [SECURITY] CVE-2017-7494: Remote code execution from a writable share

Andrew Bartlett abartlet at samba.org
Mon May 29 07:06:36 UTC 2017

On Mon, 2017-05-29 at 11:51 +0530, Anantha Raghava via samba wrote:
> Hi,
> We are using Samba 4.6.3 as Active Directory Server only and not as a 
> file server. Do you suggest that we apply this patch on Samba AD as well?

Yes, but the risk is less if only an administrator can write to
[sysvol] and [netlogon].


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list