CVSS2: 8.5 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

EPSS: 0.003 Low
Percentile: 70.8%

This flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE
capabilities, so that all file system access was allowed
even when permissions should have denied access.
Please note this security problem does not affect any platform that does
not support capabilities and platforms where binaries were built without
libcap support.
Also note that 3.4.5 and prior 3.4.x versions and 3.3.10 and prior 3.3.x
versions are NOT affected.
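
As an added example (not part of the Samba advisory or Samba's code), the following Python sketch checks whether a Linux process named smbd holds CAP_DAC_OVERRIDE by decoding the CapInh, CapPrm and CapEff masks in /proc/<pid>/status. The rule "non-root effective UID with CAP_DAC_OVERRIDE in the effective set" is an assumed heuristic, and the sample status text is constructed.

```python
import glob

CAP_DAC_OVERRIDE = 1  # bit number defined in <linux/capability.h>

# Constructed sample /proc/<pid>/status excerpts (not captured from a real host).
SAMPLE_FLAGGED = ("Name:\tsmbd\nPid:\t4242\nUid:\t0\t1000\t0\t1000\n"
                  "CapInh:\t0000000000000002\nCapPrm:\t0000000000000002\n"
                  "CapEff:\t0000000000000002\n")
SAMPLE_CLEAN = SAMPLE_FLAGGED.replace("0000000000000002", "0000000000000000")

def parse_status(text):
    """Turn /proc/<pid>/status text into a {field: value} dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def dac_override_sets(fields):
    """Names of the capability sets whose hex mask has CAP_DAC_OVERRIDE set."""
    return [name for name in ("CapInh", "CapPrm", "CapEff")
            if int(fields.get(name, "0"), 16) & (1 << CAP_DAC_OVERRIDE)]

def is_suspect(fields, process_name="smbd"):
    """Assumed heuristic: process_name running with a non-root effective UID
    while CAP_DAC_OVERRIDE is still in its effective set."""
    uids = fields.get("Uid", "").split()  # real, effective, saved, filesystem
    if fields.get("Name") != process_name or len(uids) < 2:
        return False
    return int(uids[1]) != 0 and "CapEff" in dac_override_sets(fields)

def scan_proc(process_name="smbd"):
    """Return [(pid, sets)] for live processes matching the heuristic."""
    hits = []
    for path in glob.glob("/proc/[0-9]*/status"):
        try:
            with open(path) as fh:
                fields = parse_status(fh.read())
        except OSError:  # process exited or access denied
            continue
        if is_suspect(fields, process_name):
            hits.append((fields.get("Pid"), dac_override_sets(fields)))
    return hits

if __name__ == "__main__":
    print("sample flagged:", is_suspect(parse_status(SAMPLE_FLAGGED)))
    print("sample clean:  ", is_suspect(parse_status(SAMPLE_CLEAN)))
    print("live hits:     ", scan_proc())
```

An empty result from `scan_proc()` only means no running smbd matched the heuristic at that moment; the installed Samba version still needs to be checked against the affected releases.
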
A patch addressing this issue has been posted to:
http://www.samba.org/samba/security/
Additionally, Samba 3.3.12, 3.4.7 and 3.5.1 have been issued
as security releases to correct the defect. Samba administrators are
advised to upgrade to these releases or apply the patch as soon
as possible.
None available
The problem was reported as
https://bugzilla.samba.org/show_bug.cgi?id=7222
by Andreas Matthus <[email protected]>.
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team