CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
EPSS
Percentile
54.6%
Samba 4.x before 4.0.4, when configured as an Active Directory domain
controller, uses world-writable permissions on non-default CIFS shares,
which allows remote authenticated users to read, modify, create, or delete
arbitrary files via standard filesystem operations.
www.samba.org/samba/ftp/patches/security/samba-4.0.3-CVE-2013-1863.patch
www.samba.org/samba/history/samba-4.0.4.html
www.samba.org/samba/security/CVE-2013-1863
launchpad.net/bugs/cve/CVE-2013-1863
nvd.nist.gov/vuln/detail/CVE-2013-1863
security-tracker.debian.org/tracker/CVE-2013-1863
www.cve.org/CVERecord?id=CVE-2013-1863