[21:52:05] === CVE-2026-4480 reproduction started === [21:52:05] Vulnerable: samba-4.22.9 Fixed: samba-4.22.10 (fix b80131fcf582ecc8e8c1b97e6051bb324bb8bef8) [21:52:05] Installing dependencies... [21:52:07] Dependencies installed. [21:52:07] VULNERABLE: cached build found at /data/pruva/project-cache/394b5a21-b4eb-4812-8045-7ceb9380c425/repo/bin/smbd [21:52:07] FIXED: cached build found at /data/pruva/project-cache/394b5a21-b4eb-4812-8045-7ceb9380c425/repo-fixed/bin/smbd [21:52:07] ========== VULNERABLE TEST (samba-4.22.9) ========== [21:52:07] Starting smbd on port 445... [21:52:10] smbd is listening on port 445 [21:52:10] [VULN] Running exploit client... [21:52:14] [VULN] Evidence: id_output=yes marker=yes [21:52:14] [VULN] Printlog: [21:52:14] [VULN] Remote Downlevel Document PWN [21:52:14] [VULN] uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup) [21:52:14] [VULN] sh: 1: END: not found [21:52:16] smbd stopped [21:52:16] ========== FIXED TEST (samba-4.22.10 - negative control) ========== [21:52:16] Starting smbd on port 445... [21:52:19] smbd is listening on port 445 [21:52:19] [FIXED] Running exploit client... [21:52:24] [FIXED] Evidence: id_output=no marker=no [21:52:24] [FIXED] Printlog: [21:52:24] [FIXED] Remote Downlevel Document PWN__id__touch marker__END [21:52:26] smbd stopped [21:52:26] ========== VERDICT ========== [21:52:26] Vulnerable: id_output=yes marker=yes (expect yes) [21:52:26] Fixed: id_output=no marker=no (expect no) [21:52:26] RESULT: CVE-2026-4480 CONFIRMED - RCE on vulnerable, blocked on fixed [21:52:26] === CVE-2026-4480 reproduction finished === [21:52:53] === CVE-2026-4480 reproduction started === [21:52:53] Vulnerable: samba-4.22.9 Fixed: samba-4.22.10 (fix b80131fcf582ecc8e8c1b97e6051bb324bb8bef8) [21:52:53] Installing dependencies... [21:52:54] Dependencies installed. [21:52:54] VULNERABLE: cached build found at /data/pruva/project-cache/394b5a21-b4eb-4812-8045-7ceb9380c425/repo/bin/smbd [21:52:54] FIXED: cached build found at /data/pruva/project-cache/394b5a21-b4eb-4812-8045-7ceb9380c425/repo-fixed/bin/smbd [21:52:54] ========== VULNERABLE TEST (samba-4.22.9) ========== [21:52:54] Starting smbd on port 445... [21:52:57] smbd is listening on port 445 [21:52:57] [VULN] Running exploit client... [21:53:01] [VULN] Evidence: id_output=yes marker=yes [21:53:01] [VULN] Printlog: [21:53:01] [VULN] Remote Downlevel Document PWN [21:53:01] [VULN] uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup) [21:53:01] [VULN] sh: 1: END: not found [21:53:03] smbd stopped [21:53:03] ========== FIXED TEST (samba-4.22.10 - negative control) ========== [21:53:03] Starting smbd on port 445... [21:53:06] smbd is listening on port 445 [21:53:06] [FIXED] Running exploit client... [21:53:11] [FIXED] Evidence: id_output=no marker=no [21:53:11] [FIXED] Printlog: [21:53:11] [FIXED] Remote Downlevel Document PWN__id__touch marker__END [21:53:13] smbd stopped [21:53:13] ========== VERDICT ========== [21:53:13] Vulnerable: id_output=yes marker=yes (expect yes) [21:53:13] Fixed: id_output=no marker=no (expect no) [21:53:13] RESULT: CVE-2026-4480 CONFIRMED - RCE on vulnerable, blocked on fixed [21:53:13] === CVE-2026-4480 reproduction finished ===