Shulou(Shulou.com)06/02 Report--

The Samba team issued a security announcement (https://www.samba.org/samba/security/CVE-2017-7494.html) and provided patches (https://arstechnica.com/security/2017/05/a-wormable-code-execution-bug-has-lurked-in-samba-for-7-years-patch-now/).

A seven-year-old remote code execution vulnerability, numbered CVE-2017-7494, can be exploited to execute malicious code with only one line of code when certain conditions are met. These conditions include: the port 445 can be accessed through the Internet, the configuration of the shared file has write permission, and the server path of the file can be guessed. Malicious users only need to upload a shared library to allow the server to load and execute malicious code.

According to the Samba team, this vulnerability affects all versions prior to 3.5.0.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.