ET EXPLOIT Samba Arbitrary Module Loading Vulnerability (NT Create AndX .so) (CVE-2017-7494)

SID: 2024336Rev: 11 viewsHistory

Sourceet/open

CreatedMay 25, 2017

UpdatedJuly 26, 2019

Classificationattempted-admin

alert tcp any any -> $HOME_NET 445 (msg:"ET EXPLOIT Samba Arbitrary Module Loading Vulnerability (NT Create AndX .so) (CVE-2017-7494)"; flow:to_server,established; content:"SMB|a2 00|"; offset:5; depth:5; content:"|00 00|"; distance:1; within:2; content:"|2e|so|00|"; fast_pattern; distance:16; reference:cve,2017-7494; reference:url,github.com/rapid7/metasploit-framework/pull/8450; classtype:attempted-admin; sid:2024336; rev:1; metadata:attack_target SMB_Server, created_at 2017_05_25, cve CVE_2017_7494, deployment Datacenter, performance_impact Low, signature_severity Critical, tag CISA_KEV, updated_at 2019_07_26;)

References

cve	2017-7494
url	github.com/rapid7/metasploit-framework/pull/8450

Metadata

attack targetSMB_Server

created at2017_05_25

cveCVE-2017-7494

deploymentDatacenter

performance impactLow

signature severityCritical

tagCISA_KEV

updated at2019_07_26

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!