101 pointsby rivertabout 8 years ago

4 comments

syvanenabout 8 years ago

Info of fixed versions:<p>Debian: <a href="https://security-tracker.debian.org/tracker/CVE-2017-7494" rel="nofollow">https://security-tracker.debian.org/tracker/CVE-2017-7494</a><p>Ubuntu: <a href="https://www.ubuntu.com/usn/usn-3296-1/" rel="nofollow">https://www.ubuntu.com/usn/usn-3296-1/</a><p>Red Hat: <a href="https://access.redhat.com/security/cve/CVE-2017-7494" rel="nofollow">https://access.redhat.com/security/cve/CVE-2017-7494</a>

评论 #14412957 未加载

评论 #14419221 未加载

评论 #14411124 未加载

ericfrederichabout 8 years ago

So is this a RCE vulnerability that wouldn't be solved by using a memory safe language?<p>Looks like a design issue and not an overflow or something.

评论 #14414175 未加载

mynewtbabout 8 years ago

Is this something new or ETERNALBLUE?

评论 #14410379 未加载

评论 #14410925 未加载

legulereabout 8 years ago

What's the vulnerability? C memory unsafety?

评论 #14411022 未加载

Samba 3.5.0+ vulnerability: Remote code execution from a writable share

4 comments

Samba 3.5.0+ vulnerability: Remote code execution from a writable share

4 comments