Samba: symlink race permits opening files outside share directory (CVE-2017-2619)

🗓️ 28 Mar 2017 00:00:00Reported by RootType

Samba server allows accessing files outside share directory using symlink race (CVE-2017-2619). Vulnerability lies in following symlinks without wide links enabled, leading to unauthorized file access

Reporter	Title	Published	Views	Family All 202
ALT Linux	Security fix for the ALT Linux 7 package samba-DC version 4.5.7-alt1.M70P.1	23 Mar 201700:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package samba version 4.6.1-alt1.S1	23 Mar 201700:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package samba version 4.5.7-alt1.M70P.1	23 Mar 201700:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package samba-DC version 4.6.1-alt1	23 Mar 201700:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package samba version 4.6.1-alt1	23 Mar 201700:00	–	altlinux
0day.today	Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory Vulnerability	28 Mar 201700:00	–	zdt
FreeBSD	samba -- symlink race allows access outside share definition	23 Mar 201700:00	–	freebsd
IBM Security Bulletins	Security Bulletin: Samba vulnerability affects IBM SONAS (CVE-2017-2619)	18 Jun 201800:35	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability CVE-2017-2619 in Samba affects IBM i	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2017-2619)	1 Aug 201818:59	–	ibm

28 Mar 2017 00:00Current

7.8High risk

Vulners AI Score7.8

EPSS0.3031