CVE-2017-7494

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7494

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7494.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-7494

Downstream

ALPINE-CVE-2017-7494

DEBIAN-CVE-2017-7494

DLA-951-1

DSA-3860-1

RHSA-2017:1270

RHSA-2017:1271

RHSA-2017:1272

RHSA-2017:1273

RHSA-2017:1390

SUSE-SU-2017:1391-1

SUSE-SU-2017:1392-1

SUSE-SU-2017:1393-1

SUSE-SU-2017:1396-1

UBUNTU-CVE-2017-7494

USN-3296-1

openSUSE-SU-2024:11365-1

Related

Published

2017-05-30T18:29:00Z

Modified

2025-10-23T03:34:03Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

d82b72a5a5d7c1585a39f3a9530ff8861bfda45a

Fixed

30812c414bb0ceb95abae08c35b94b2f97be4c5c