Lucene search
RootSSV:19271HistoryMar 14, 2010 - 12:00 a.m.
Samba CAP_DAC_OVERRIDE文件权限绕过安全限制漏洞
2010-03-1400:00:00
Root
www.seebug.org
11
0.004 Low
EPSS
Percentile
69.7%
BUGTRAQ ID: 38606
CVE ID: CVE-2010-0728
Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。
如果启用了libcap支持,则所有的smbd进程都继承了CAP_DAC_OVERRIDE功能标记,这允许通过认证的远程用户通过标准的文件系统操作绕过预期的文件权限限制读写访问文件。
Samba Samba 3.5.0
Samba Samba 3.4.6
Samba Samba 3.3.11
厂商补丁:
Samba
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.samba.org/samba/history/samba-3.5.1.html
http://www.samba.org/samba/history/samba-3.4.7.html
http://www.samba.org/samba/history/samba-3.3.12.html
Related
nessus
nessus
Samba 'CAP_DAC_OVERRIDE' File Permission Security Bypass
2010-03-12 00:00:00
Samba 'CAP_DAC_OVERRIDE' File Permission Security Bypass (version check)
2010-03-12 00:00:00
Fedora 13 : samba-3.5.1-58.fc13 (2010-4087)
2010-07-01 00:00:00
ubuntucve
ubuntucve
CVE-2010-0728
2010-03-10 00:00:00
cve
cve
CVE-2010-0728
2010-03-10 20:13:00
debiancve
debiancve
CVE-2010-0728
2010-03-10 20:13:00
prion
prion
Input validation
2010-03-10 20:13:00
openvas
openvas
Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
2010-03-09 00:00:00
Fedora Update for samba FEDORA-2010-3999
2010-03-12 00:00:00
Fedora Update for samba FEDORA-2010-3999
2010-03-12 00:00:00
samba
samba
Allowing all file system access even when
2010-03-08 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: samba-3.5.1-58.fc13
2010-03-10 06:53:21
[SECURITY] Fedora 12 Update: samba-3.4.7-58.fc12
2010-03-11 07:19:42
[SECURITY] Fedora 12 Update: samba-3.4.9-60.fc12
2010-09-15 05:39:47
redhatcve
redhatcve
CVE-2010-0728
2015-10-30 09:58:35
gentoo
gentoo
Samba: Multiple vulnerabilities
2012-06-24 00:00:00