Posts

SambaCry, the Seven Year Old Samba Vulnerability, is the Next Big Threat (for now)

The Samba team released a patch on May 24 for a critical remote code execution vulnerability in Samba, the most popular file sharing service for all Linux systems. Samba is commonly included as a basic system service on other Unix-based operating systems as well.
This vulnerability, indexed CVE-2017-7494, enables a malicious attacker with valid write access to a file share to upload and execute an arbitrary binary file which will run with Samba permissions.