#VU9372 Use-after-free in Samba - CVE-2017-14746
Published: November 21, 2017
Vulnerability identifier: #VU9372
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-14746
CWE-ID: CWE-416
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Samba
Samba
Software vendor:
Samba
Samba
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error when processing SMB1 requests. A remote attacker can send a specially crafted SMB1 request to vulnerable server, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable SMB server.
The vulnerability exists due to a use-after-free error when processing SMB1 requests. A remote attacker can send a specially crafted SMB1 request to vulnerable server, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable SMB server.
Remediation
Update to version 4.5.15, 4.6.11 or 4.7.3.