Security News > 2017 > July > Attackers are taking over NAS devices via SambaCry flaw (Help Net Security)
2017-07-18 20:57
A Samba remote code execution flaw patched in May is being exploited to compromise IoT devices running on different architectures (MIPS, ARM, PowerPC, etc.), Trend Micro researchers warn. Samba is an open source implementation of the SMB/CIFS networking protocol, which provides Linux/Unix servers with Windows-based file and print services. It runs on most Linux, Unix and Unix-like systems. Since the public revelation of its existence, the so-called SambaCry vulnerability (CVE-2017-7494) has been misused by attackers … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/gnnNnhlXpoA/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-30 | CVE-2017-7494 | Code Injection vulnerability in multiple products Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. | 9.8 |