steelo - Security Researcher - Exploit Intelligence Platform

CVE-2017-7494 GITHUB CRITICAL WRITEUP

Samba is_known_pipename() Arbitrary Module Load

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

3,480 stars

CVSS 9.8

View Code

CVE-2017-7494 GITHUB CRITICAL WRITEUP

Samba is_known_pipename() Arbitrary Module Load

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

14 stars

CVSS 9.8

View Code

CVE-2017-7494 NOMISEC CRITICAL WORKING POC

Samba is_known_pipename() Arbitrary Module Load

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVSS 9.8

View Code

CVE-2017-7494 METASPLOIT CRITICAL ruby WORKING POC

Samba is_known_pipename() Arbitrary Module Load

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVSS 9.8

View Code

CVE-2017-7494 EXPLOITDB CRITICAL python WORKING POC

Samba is_known_pipename() Arbitrary Module Load

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVSS 9.8

View Code

CVE-2017-7494 EXPLOITDB CRITICAL ruby WORKING POC

Samba is_known_pipename() Arbitrary Module Load

Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

CVSS 9.8

View Code