6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
samba is vulnerable to authorization bypass. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.
lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html
lists.fedoraproject.org/pipermail/package-announce/2016-March/178764.html
lists.fedoraproject.org/pipermail/package-announce/2016-March/180000.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00064.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00065.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00081.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00090.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00092.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
www.debian.org/security/2016/dsa-3514
www.securityfocus.com/bid/84267
www.securitytracker.com/id/1035220
www.ubuntu.com/usn/USN-2922-1
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1315736
bugzilla.samba.org/show_bug.cgi?id=11648
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842
rhn.redhat.com/errata/RHSA-2016-0447.html
www.samba.org/samba/security/CVE-2015-7560.html
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N