Lucene search

[email protected]NVD:CVE-2009-2813

HistorySep 14, 2009 - 4:30 p.m.

CVE-2009-2813

2009-09-1416:30:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.007

Percentile

80.1%

JSON

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.

Affected configurations

Nvd

Node

sambasambaMatch3.0.12

sambasambaMatch3.0.13

sambasambaMatch3.0.14

sambasambaMatch3.0.14a

sambasambaMatch3.0.15

sambasambaMatch3.0.16

sambasambaMatch3.0.17

sambasambaMatch3.0.18

sambasambaMatch3.0.19

sambasambaMatch3.0.20

sambasambaMatch3.0.20a

sambasambaMatch3.0.20b

sambasambaMatch3.0.21

sambasambaMatch3.0.21a

sambasambaMatch3.0.21b

sambasambaMatch3.0.21c

sambasambaMatch3.0.22

sambasambaMatch3.0.23

sambasambaMatch3.0.23a

sambasambaMatch3.0.23b

sambasambaMatch3.0.23c

sambasambaMatch3.0.23d

sambasambaMatch3.0.24

sambasambaMatch3.0.25

sambasambaMatch3.0.25pre1

sambasambaMatch3.0.25pre2

sambasambaMatch3.0.25rc1

sambasambaMatch3.0.25rc2

sambasambaMatch3.0.25rc3

sambasambaMatch3.0.25a

sambasambaMatch3.0.25b

sambasambaMatch3.0.25c

sambasambaMatch3.0.26

sambasambaMatch3.0.26a

sambasambaMatch3.0.27

sambasambaMatch3.0.27a

sambasambaMatch3.0.28

sambasambaMatch3.0.28a

sambasambaMatch3.0.29

sambasambaMatch3.0.30

sambasambaMatch3.0.31

sambasambaMatch3.0.32

sambasambaMatch3.0.33

sambasambaMatch3.0.34

sambasambaMatch3.0.35

sambasambaMatch3.0.36

sambasambaMatch3.2

sambasambaMatch3.2.0

sambasambaMatch3.2.1

sambasambaMatch3.2.2

sambasambaMatch3.2.3

sambasambaMatch3.2.4

sambasambaMatch3.2.5

sambasambaMatch3.2.6

sambasambaMatch3.2.7

sambasambaMatch3.2.8

sambasambaMatch3.2.9

sambasambaMatch3.2.10

sambasambaMatch3.2.11

sambasambaMatch3.2.12

sambasambaMatch3.2.13

sambasambaMatch3.2.14

sambasambaMatch3.2.15

sambasambaMatch3.3

sambasambaMatch3.3.0

sambasambaMatch3.3.1

sambasambaMatch3.3.2

sambasambaMatch3.3.3

sambasambaMatch3.3.4

sambasambaMatch3.3.5

sambasambaMatch3.3.6

sambasambaMatch3.3.7

sambasambaMatch3.4

sambasambaMatch3.4.0

sambasambaMatch3.4.1

AND

applemac_os_xMatch10.5.8

applemac_os_x_serverMatch10.5.8

Node

fedoraprojectfedoraMatch11

VendorProductVersionCPE
sambasamba3.0.12cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
sambasamba3.0.13cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
sambasamba3.0.14cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*
sambasamba3.0.14acpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
sambasamba3.0.15cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*
sambasamba3.0.16cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*
sambasamba3.0.17cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*
sambasamba3.0.18cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*
sambasamba3.0.19cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*
sambasamba3.0.20cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samba	samba	3.0.12	cpe:2.3:a:samba:samba:3.0.12:::::::*
samba	samba	3.0.13	cpe:2.3:a:samba:samba:3.0.13:::::::*
samba	samba	3.0.14	cpe:2.3:a:samba:samba:3.0.14:::::::*
samba	samba	3.0.14a	cpe:2.3:a:samba:samba:3.0.14a:::::::*
samba	samba	3.0.15	cpe:2.3:a:samba:samba:3.0.15:::::::*
samba	samba	3.0.16	cpe:2.3:a:samba:samba:3.0.16:::::::*
samba	samba	3.0.17	cpe:2.3:a:samba:samba:3.0.17:::::::*
samba	samba	3.0.18	cpe:2.3:a:samba:samba:3.0.18:::::::*
samba	samba	3.0.19	cpe:2.3:a:samba:samba:3.0.19:::::::*
samba	samba	3.0.20	cpe:2.3:a:samba:samba:3.0.20:::::::*