A seven-year-old remote code execution vulnerability that is affecting Samba versions 3.5.0 and higher is making news this week. The vulnerability is billed as the WannaCry equivalent for *nix operating systems, and some are even calling it SambaCry since it affects the SMB protocol implementation and is potentially wormable – which can cause it to spread from system to system.
A malicious samba client that has write access to a samba share could use this flaw to execute arbitrary code typically as root.
1. CVE-2017-74942 has a CVSS Score of 7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)3.
2. This vulnerability is the Linux version of WannaCry, appropriately named SambaCry. A malicious samba client that has write access to a samba share could use this flaw to execute arbitrary code typically as root.
3. The flaw allows a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it with the privileges of smbd (typically root).
4. This flaw affects all versions of Samba from 3.5.0 onwards, except for the most recent releases of Samba 4.6.4, 4.5.10 and 4.4.14.