Samba RCE requires updating samba packages.
A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root.
All versions of Samba from 3.5.0 onwards are vulnerable to this remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Unitrends Risk Assessment: None with security updates included in version 10.1 or patch available as of 5/25/17.
Fixed in samba-3.6.23-43.el6_9 and later.
This patch is included with the latest security updates. To apply the latest security updates, follow the notes provided in Unitrends Response to certain security vulnerabilities (CVEs) - Reference Article.
To confirm you have successfully patched, run the command below and verify you are running samba-3.6.23-43.el6_9 or newer.
[[email protected] ~]# rpm -qa | grep samba samba-winbind-3.6.23-43.el6_9.x86_64 samba-common-3.6.23-43.el6_9.x86_64 samba-client-3.6.23-43.el6_9.x86_64 samba-winbind-clients-3.6.23-43.el6_9.x86_64 samba-3.6.23-43.el6_9.x86_64