253850 – (CVE-2009-0022) net-fs/samba < 3.2.7 and > 3.2.0 Root File System Access (CVE-2009-0022)

Bug 253850 (CVE-2009-0022) - net-fs/samba < 3.2.7 and > 3.2.0 Root File System Access (CVE-2009-0022)

Summary: net-fs/samba < 3.2.7 and > 3.2.0 Root File System Access (CVE-2009-0022)

Status:	RESOLVED FIXED

Alias:	CVE-2009-0022

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High enhancement
Assignee:	Gentoo Security

URL:	http://secunia.com/Advisories/33379/
Whiteboard:	~4 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2009-01-05 13:19 UTC by Bruno Buss
Modified:	2009-06-24 00:08 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bruno Buss 2009-01-05 13:19:41 UTC

Description:
"A security issue has been reported in Samba, which can be exploited by malicious users to bypass certain security restrictions.

The problem is that access to the root file system is granted when authenticated users connect to a share with an empty string as name, and e.g. use an older version of smbclient.

Successful exploitation requires that "registry shares" is enabled.

NOTE: "registry shares" is implicitly set with "include = registry" or "config backend = registry".

The security issue is reported in versions 3.2.0 through 3.2.6."

The only vulnerable ebuild in tree is a hard-masked one, samba-3.2.0_rc2.

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2009-01-05 22:12:32 UTC

>=3.2.0 is still in p.mask

Comment 2 Robert Buchholz (RETIRED) gentoo-dev

2009-06-24 00:08:40 UTC

can you please remove the vulnerable 3.2.0_rc2 ebuild? thanks!