Summary: | net-fs/samba-server: symlink-traversal (CVE-2010-0926) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | ole+gentoo, samba |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://marc.info/?l=samba-technical&m=126539387432412&w=2 | ||
Whiteboard: | C3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2010-02-06 16:10:03 UTC
CVE-2010-0926 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0926): The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options. Vulnerable versions are no longer in the tree. GLSA Vote: no. (In reply to comment #2) > Vulnerable versions are no longer in the tree. But may still exist installed on many systems. (In reply to comment #3) > (In reply to comment #2) > > Vulnerable versions are no longer in the tree. > > But may still exist installed on many systems. > Hi, Krzysztof. Good point, and that is something to be considered when the team decides whether or not to publish a GLSA. At the same time, having fixed versions in the tree and stable allows us to jump ahead in the security process. Vote: YES. It's old so GLSA Vote: no -> Closing. Feel free to reopen if you disagree. |