SAMBA:CVE-2008-3789 (Samba Security)
Aug 27, 2008

Wrong permissions of group_mapping.ldb

Samba Security
www.samba.org

CVSS2: 2.1 Low

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

EPSS: 0.001 Low
Percentile: 32.8%

Description

The file group_mapping.ldb is created with the permissions 0666. That means
everyone is able to edit this file and gain additional access rights while
connecting remotely to the Samba server. By manipulating the SID mappings
contained in this file, it is also possible to establish a connection that runs
in the privileged root context.

Patch Availability

Two patches addressing this defect have been posted to

http://www.samba.org/samba/security/

Additionally, Samba 3.2.3 has been issued as a security
release to correct the defect. Samba administrators are
advised to upgrade to 3.2.3 or apply the patch as soon
as possible.

Workaround

As a temporary workaround, the file permissions of group_mapping.ldb can be set
to 0600 manually. Note that these permissions are not retained when a
group_mapping.ldb file is newly created.
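
One way to find an exposed group_mapping.ldb and apply the 0600 workaround, as an added example that is not part of the original advisory. The directory argument and the function names are assumptions: the advisory does not say where the file lives, and the location varies by distribution and build.

```shell
#!/bin/sh
# Added example: audit group_mapping.ldb permissions (workaround check).
# Assumption: the caller passes the Samba state directory; the advisory
# does not name it. Usage: audit_group_mapping /path/to/samba/state fix

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_group_mapping DIR [fix]
# Reports every group_mapping.ldb under DIR whose mode grants any access to
# group or other (0666 is the defective mode described in the advisory).
# With "fix" as the second argument, each such file is reset to 0600.
# Returns 0 when no file is left exposed, 1 otherwise.
audit_group_mapping() {
    dir=$1
    action=${2:-report}
    exposed=0
    list=$(find "$dir" -type f -name group_mapping.ldb 2>/dev/null)
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        mode=$(mode_of "$f") || continue
        # A leading 0 makes the shell read the mode as octal; 077 = group+other.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "EXPOSED $mode $f"
            if [ "$action" = fix ] && chmod 0600 "$f"; then
                echo "FIXED 600 $f"
            else
                exposed=1
            fi
        fi
    done <<EOF
$list
EOF
    return $exposed
}
```

Because a newly created group_mapping.ldb does not keep the manual permissions, rerun the check whenever the file may have been recreated, until the patched release is installed.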

Credits

This issue was initially reported as Debian bug #496073.

The time line is as follows:

== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
