[BESAdmin-Announcements] IBM BigFIx Patch released Fixlets for the CVE 2017-7494 Remote code execution from a writable share Vulnerability (also known as Sambacry)
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Tue May 30 01:17:56 PDT 2017
IBM BigFix Patch has released Fixlets to the following sites to address the
CVE 2017-7494 Sambacry Vulnerability, also known as SambaCry:
- Patches for CentOS site versions: CentOS 6, CentOS 7, CentOS 6 R2, CentOS
7 R2
- Patches for OEL site versions: OEL 6 and OEL 7
- Patches for RHEL site versions: RHEL 6, RHEL 7, RHEL 7 PPC64LE, RHEL 6z
RHSM, RHEL 7z RHSM
- Patches for SLE site versions: SLE 11, SLE 12, SLE 11z,
- Patches for Ubuntu site versions: Ubuntu 14 and Ubuntu 16
Samba gave the following description in its advisory and has advised
upgrades or applying the patch as soon as possible.
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code
execution vulnerability, allowing a malicious client to upload a shared
library to a writable share, and then cause the server to load and execute
it."
No other action is required after applying the Fixlets.
For more information, see
https://www.samba.org/samba/security/CVE-2017-7494.html.
Application Engineering team
IBM BigFix Patch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20170530/8f894a21/attachment.html>
More information about the Besadmin-announcements
mailing list