11 matches found
CVE-2019-3870 affecting package samba for versions less than 4.18.3-1
CVE-2019-3870 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
Synology DiskStation Manager Samba Incorrect Default Permissions (CVE-2019-3870)
A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...
K20804356: Samba vulnerabilities CVE-2019-3870 and CVE-2019-3880
Security Advisory Description CVE-2019-3870 A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that...
Fedora Update for samba FEDORA-2019-208cc34d40
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Samba World Writable Files Vulnerability (CVE-2019-3870)
Samba is prone to a world writeable files vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...
Samba 4.9.x < 4.9.6 / 4.10.0 < 4.10.2 World-Writable Files Vulnerability (CVE-2019-3870)
The version of Samba running on the remote host is 4.9.x 4.9.6 or 4.10.0 prior to 4.10.2. It is, therefore, potentially affected by a world writable files vulnerability. An authenticated, local attacker can exploit this issue to read and update files in the private/ directory. Note that Nessus ha...
Fedora 29 : 2:samba (2019-db21b5f1d2)
Update to Samba 4.9.6, Security fixes for CVE-2019-3870 and CVE-2019-3880 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Security fix for the ALT Linux 10 package samba version 4.10.2-alt1
April 11, 2019 Evgeny Sinelnikov 4.10.2-alt1 - Update to spring security release - Security fixes: + CVE-2019-3870 World writable files in Samba AD DC private/ dir + CVE-2019-3880 Save registry file outside share as unprivileged user...
CVE-2019-3870
A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...
CVE-2019-3870
CVE-2019-3870 affects Samba 4.9 (inclusive) through 4.9.5, and 4.10.x up to 4.10.2. During new Samba AD DC creation, a private install subdirectory (often 0700) may be left with looser permissions (e.g., 0755) after upgrades. Within this directory, files are created with mode 0666, making sensiti...
Samba Releases Security Updates
The Samba Team has released security updates to address vulnerabilities in Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Samba Securi...