Subject: [ASA-201705-22] samba: arbitrary code execution Arch Linux Security Advisory ASA-201705-22 ========================================== Severity: High Date : 2017-05-30 CVE-ID : CVE-2017-7494 Package : samba Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-279 Summary ======= The package samba before version 4.5.10-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 4.5.10-1. # pacman -Syu "samba>=4.5.10-1" The problem has been fixed upstream in version 4.5.10. Workaround ========== Add the parameter: nt pipe support = no to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing any named pipe endpoints. Note that this can disable some expected functionality for Windows clients. Description =========== All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Impact ====== A malicious authenticated client can execute arbitrary code on the affected host by uploading a shared library to a writable share. References ========== https://www.samba.org/samba/security/CVE-2017-7494.html https://security.archlinux.org/CVE-2017-7494