漏洞编号：CVE-2017-7494 CentOS的Security Update for Samba

CentOS has released security update for Samba to fix the vulnerabilities.

Affected Products:

centos 7

QID Detection Logic (Authenticated):
For CentOS version 6, following packages are checked for version less than - "3.6.23-43.el6_9":-
samba, libsmbclient, libsmbclient-devel, samba-client, samba-common, samba-debuginfo, samba-doc, samba-domainjoin-gui, samba-swat, samba-winbind, samba-winbind-clients, samba-winbind-devel, samba-winbind-krb5-locator, samba-glusterfs.

For CentOS version 7, following packages are checked for version less than - "4.4.4-14.el7_3":-
samba, libsmbclient, libsmbclient-devel, libwbclient, libwbclient-devel, samba-client, samba-client-libs, samba-common, samba-common-libs, samba-common-tools, samba-dc, samba-dc-libs, samba-debuginfo, samba-devel, samba-krb5-printing, samba-libs, samba-pidl, samba-python samba-test, samba-test-libs, samba-vfs-glusterfs, samba-winbind, samba-winbind-clients, samba-winbind-krb5-locator, samba-winbind-modules, ctdb, ctdb-tests.

Successful exploitation allows a remote attacker to execute arbitrary code on a targeted system.

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to CentOS advisory centos 7 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

centos7

centos 6