17 matches found
EUVD-2010-1409
Malware in sbrugna...
RHEL 4 : samba (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - samba: insecure wide links default CVE-2010-0926 Note that Nessus has not tested for this issue but has instead...
SUSE CVE-2010-0926
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory Vulnerability
Exploit for multiple platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1039 The Samba server is supposed to only grant access to configured share directories unless "wide links" are enabled, in which case the server is allowed to follow symlink...
Oracle Linux 5 : samba (ELSA-2012-0313)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0313 advisory. - Security Release, fixes CVE-2010-0926 - Security Release, fixes CVE-2010-0547, CVE-2010-0787, CVE-2011-2694, CVE-2011-2522, CVE-2011-1678, CVE-2011-2724 -...
samba security, bug fix, and enhancement update
3.0.33-3.37.el5 - Regenerate manpage for 'wide links' and 'unix extensions' sections - related: 722553 3.0.33-3.36.el5 - Security Release, fixes CVE-2010-0926 - resolves: 722553 3.0.33-3.35.el5 - Fix smbclient return code - resolves: 768908 3.0.33-3.34.el5 - Fix support for Windows 2008 R2 domain...
RedHat Update for samba RHSA-2012:0313-03
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : Samba (ZYPP Patch Number 6921)
With enabled 'wide links' samba follows symbolic links on the server side, therefore allowing clients to overwrite arbitrary files CVE-2010-0926. This update changes the default setting to have 'wide links' disabled by default. The new default only works if 'wide links' is not set explicitly in...
Default configuration
The default configuration of SMB File Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, enables support for wide links, which allows remote authenticated users to access arbitrary files via vectors involving symbolic links. NOTE: this might overlap CVE-2010-0926...
SuSE 10 Security Update : Samba (ZYPP Patch Number 6920)
With enabled 'wide links' samba follows symbolic links on the server side, therefore allowing clients to overwrite arbitrary files CVE-2010-0926. This update changes the default setting to have 'wide links' disabled by default. The new default only works if 'wide links' is not set explicitly in...
SuSE9 Security Update : Samba (YOU Patch Number 12595)
With enabled 'wide links' samba follows symbolic links on the server side, therefore allowing clients to overwrite arbitrary files CVE-2010-0926. This update changes the default setting to have 'wide links' disabled by default. The new default only works if 'wide links' is not set explicitly in...
openSUSE Security Update : cifs-mount (cifs-mount-2128)
With enabled 'wide links' samba follows symbolic links on the server side, therefore allowing clients to overwrite arbitrary files CVE-2010-0926. This update changes the default setting to have 'wide links' disabled by default. The new default only works if 'wide links' is not set explicitly in...
openSUSE Security Update : cifs-mount (cifs-mount-2128)
With enabled 'wide links' samba follows symbolic links on the server side, therefore allowing clients to overwrite arbitrary files CVE-2010-0926. This update changes the default setting to have 'wide links' disabled by default. The new default only works if 'wide links' is not set explicitly in...
SuSE 11 Security Update : Samba (SAT Patch Number 2126)
With enabled 'wide links' Samba follows symbolic links on the server side, therefore allowing clients to overwrite arbitrary files CVE-2010-0926. This update changes the default setting to have 'wide links' disabled by default. The new default only works if 'wide links' is not set explicitly in...
CVE-2010-0926
CVE-2010-0926 affects Samba smbd; a directory traversal exists when a writable share is present. Remote authenticated users can leverage a symlink (via smbclient) containing .. sequences to access arbitrary files due to unix extensions and wide links. Vulnerable ranges: Samba before 3.3.11, 3.4.x...
Samba Symlink Directory Traversal Vulnerability (Feb 2010)
Samba is prone to a directory traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2010-0926
creationtimestamp| type| source ---|---|--- 2010-02-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33599 2010-02-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33598 2018-05-29 15:50:33+00:00| seen|...