Samba Patches A 7-Year-Old Wormable Code-Execution Bug

Samba Patches A 7-Year-Old Wormable Code-Execution Bug
joffi / Pixabay

First, it was Microsoft, and now, its Samba’s turn to be in the news for a bug that could pose a major threat to users. However, Samba users do not have to worry, as the file-sharing bug has already been fixed. The patch for the vulnerability impacting Samba was issued on Wednesday.

How the bug could have affected Samba users

Samba, the popular open-source SMB server software for UNIX systems, has been open to a remote code execution vulnerability for the last seven years. It enables an attacker to upload and execute code on the device, according to an advisory released recently.

The flaw, which was tracked as CVE-2017-7494, could have affected all versions of Samba from 3.5.0 (released March 1, 2010) onward, and it resulted in remote takeover of the affected systems, notes BleepingComputer. According to experts, the more concerning thing about the flaw is that the vulnerability could be exploited with just one line of code.

What Investors Need To Know When Choosing A Private Equity Manager

investor 1652197064It's no secret that this year has been a volatile one for the markets. The S&P 500 is down 18% year to date, while the Nasdaq Composite is off by 27% year to date. Meanwhile, the VIX, a key measure of volatility, is up 49% year to date at 24.72. However, it has spiked as Read More

HD Moore, VP of Research & Development at Atredis Partners, notes that the flaw could be exploited by using a Metasploit module which is currently under development. This means that the CVE-2017-7494 attacks can be scripted and added to automa