| Summary: | <net-fs/samba-3.4.7: allows remote authenticated users to bypass intended file permissions (CVE-2010-0728) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Andreis Vinogradovs ( slepnoga ) <andreis.vinogradovs> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://secunia.com/advisories/cve_reference/CVE-2010-0728/ | ||
| Whiteboard: | B4 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Andreis Vinogradovs ( slepnoga )
2010-03-18 16:11:37 UTC
CVE-2010-0728 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0728): smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client. CVE-2010-0728 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0728): smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client. http://www.samba.org/samba/security/CVE-2010-0728 =net-fs/samba-3.4.9 is fixed and currently the only stable version in the tree. I rate this a B4, so it requires a vote. GLSA Vote: Yes. Added to pending GLSA. This issue was resolved and addressed in GLSA 201206-22 at http://security.gentoo.org/glsa/glsa-201206-22.xml by GLSA coordinator Sean Amoss (ackle). |
