8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
72.5%
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled,
runs with the CAP_DAC_OVERRIDE capability, which allows remote
authenticated users to bypass intended file permissions via standard
filesystem operations with any client.
Author | Note |
---|---|
mdeslaur | new code introduced in 3.4.6 |