| Summary: | net-fs/samba : world-writable permissions on non-default CIFS shares (CVE-2013-1863) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | samba |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1863 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
CVE-2013-1863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1863): Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations. |
From ${URL} : Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations. @maintainer: please check if 3.x is vulnerable.