Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.SAMBA_CVE-2019-3870.NASL
HistoryApr 16, 2019 - 12:00 a.m.

Samba 4.9.x < 4.9.6 / 4.10.0 < 4.10.2 World-Writable Files Vulnerability (CVE-2019-3870)

2019-04-1600:00:00
This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The version of Samba running on the remote host is 4.9.x < 4.9.6 or 4.10.0 prior to 4.10.2. It is, therefore, potentially affected by a world writable files vulnerability. An authenticated, local attacker can exploit this issue to read and update files in the private/ directory.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(124087);
  script_version("1.4");
  script_cvs_date("Date: 2019/10/30 13:24:46");

  script_cve_id("CVE-2019-3870");
  script_bugtraq_id(107798);

  script_name(english:"Samba 4.9.x < 4.9.6 / 4.10.0 < 4.10.2 World-Writable Files Vulnerability (CVE-2019-3870)");
  script_summary(english:"Checks the version of Samba.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Samba server is potentially affected by a world writable files vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of Samba running on the remote host is 4.9.x < 4.9.6 or 
4.10.0 prior to 4.10.2. It is, therefore, potentially affected by a 
world writable files vulnerability. An
authenticated, local attacker can exploit this issue to read and 
update files in the private/ directory.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/security/CVE-2019-3870.html");
  script_set_attribute(attribute:"see_also", value:"https://download.samba.org/pub/samba/rc/samba-4.10.2.WHATSNEW.txt");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Samba version 4.9.6 / 4.10.2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3870");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:samba:samba");
  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_nativelanman.nasl");
  script_require_keys("SMB/NativeLanManager", "SMB/samba", "Settings/ParanoidReport");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("vcf.inc");
include("vcf_extras.inc");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

app = vcf::samba::get_app_info();
vcf::check_granularity(app_info:app, sig_segments:3);

# Note: versions < 4.7 are EOL
constraints = [
  {"min_version":"4.9.0rc0", "fixed_version":"4.9.6"},
  {"min_version":"4.10.0rc0", "fixed_version":"4.10.2"}
];

vcf::check_version_and_report(app_info:app, constraints:constraints, severity:SECURITY_NOTE, strict:FALSE);
VendorProductVersionCPE
sambasambacpe:/a:samba:samba

Related

redhatcve 1
samba 1
cve 1
ubuntucve 1
osv 1
prion 1
debiancve 1
openvas 6
nessus 2
fedora 6
altlinux 1
f5 1
cisa 1
redhatcve
redhatcve
CVE-2019-3870
2019-04-09 04:24:44
samba
samba
World writable files in Samba AD DC private/ dir
2019-04-08 00:00:00
cve
cve
CVE-2019-3870
2019-04-09 16:29:00
ubuntucve
ubuntucve
CVE-2019-3870
2019-04-08 00:00:00
osv
osv
CVE-2019-3870
2019-04-09 16:29:01
prion
prion
Design/Logic Flaw
2019-04-09 16:29:00
debiancve
debiancve
CVE-2019-3870
2019-04-09 16:29:00
openvas
openvas
Samba World Writable Files Vulnerability (CVE-2019-3870)
2019-05-09 00:00:00
Fedora Update for samba FEDORA-2019-db21b5f1d2
2019-05-07 00:00:00
Fedora Update for samba FEDORA-2019-208cc34d40
2019-05-19 00:00:00
nessus
nessus
Fedora 30 : 2:samba (2019-cacf88eabf)
2019-05-02 00:00:00
Fedora 29 : 2:samba (2019-db21b5f1d2)
2019-04-16 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: samba-4.10.2-0.fc30
2019-04-13 00:10:07
[SECURITY] Fedora 29 Update: samba-4.9.6-0.fc29
2019-04-16 04:05:09
[SECURITY] Fedora 29 Update: samba-4.9.8-0.fc29
2019-05-18 03:21:47
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.10.2-alt1
2019-04-11 00:00:00
f5
f5
K20804356 : Samba vulnerabilities CVE-2019-3870 and CVE-2019-3880
2019-05-27 00:00:00
cisa
cisa
Samba Releases Security Updates
2019-04-08 00:00:00
JSON
Related for SAMBA_CVE-2019-3870.NASL
redhatcve1samba1cve1ubuntucve1osv1prion1debiancve1openvas6nessus2fedora6altlinux1f51cisa1