CVSS2: 3.5 Low
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
Samba is vulnerable to information disclosure. The vulnerability exists because the default Samba server configuration enabled both the “wide links” and “unix extensions” options, allowing Samba clients with write access to a share to create symbolic links that point to any location on the file system. Clients connecting with CIFS UNIX extensions disabled could have such links resolved on the server, allowing them to access and possibly overwrite files outside of the share. With this update, “wide links” is set to “no” by default. In addition, the update ensures “wide links” is disabled for shares that have “unix extensions” enabled.
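An added example (not code from the Samba project or from this advisory): a Python check that reads an smb.conf and lists the shares where “wide links” and “unix extensions” are both in effect. The sample configuration is constructed, the function names are hypothetical, and the defaults model the pre-update build described above; write access to the share, also a precondition, is not evaluated.

```python
import re

TRUE, FALSE = {"yes", "true", "1", "on"}, {"no", "false", "0", "off"}

# Constructed sample smb.conf (not taken from any real server).
SAMPLE = """\
[global]
   workgroup = EXAMPLE
[public]
   path = /srv/public
[archive]
   path = /srv/archive
   Wide Links = no
[scratch]
   path = /srv/scratch
   widelinks = yes
"""

def as_bool(value, default):
    """Samba boolean; an unset or unrecognised value falls back to the default."""
    v = value.strip().lower()
    return True if v in TRUE else False if v in FALSE else default

def parse_smb_conf(text):
    """Return {section: {param: value}}; names lower-cased, spaces removed.
    Backslash line continuations and 'include' files are not handled."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1).strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[re.sub(r"\s+", "", key).lower()] = value.strip()
    return sections

def audit(text, wide_links_default=True, unix_ext_default=True):
    """List shares where both options are in effect. The defaults model the
    pre-update build; pass wide_links_default=False for an updated one."""
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    unix_ext = as_bool(glob.get("unixextensions", ""), unix_ext_default)
    flagged = []
    for name, share in conf.items():
        wide = as_bool(share.get("widelinks", glob.get("widelinks", "")), wide_links_default)
        if name != "global" and unix_ext and wide:
            flagged.append(name)
    return flagged

if __name__ == "__main__":
    print(audit(SAMPLE))
```

On an updated server, a share that is still listed carries an explicit “wide links = yes” that the server disables for as long as “unix extensions” stays enabled.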
archives.neohapsis.com/archives/fulldisclosure/2010-02/0083.html
archives.neohapsis.com/archives/fulldisclosure/2010-02/0107.html
archives.neohapsis.com/archives/fulldisclosure/2010-02/0108.html
blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html
gitweb.samba.org/?p=samba.git;a=commit;h=bd269443e311d96ef495a9db47d1b95eb83bb8f4
lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
marc.info/?l=full-disclosure&m=126538598820903&w=2
marc.info/?l=oss-security&m=126539592603079&w=2
marc.info/?l=oss-security&m=126540402215620&w=2
marc.info/?l=oss-security&m=126540733320471&w=2
marc.info/?l=oss-security&m=126545363428745&w=2
marc.info/?l=oss-security&m=126777580624790&w=2
marc.info/?l=samba-technical&m=126539387432412&w=2
marc.info/?l=samba-technical&m=126540011609753&w=2
marc.info/?l=samba-technical&m=126540100511357&w=2
marc.info/?l=samba-technical&m=126540248613395&w=2
marc.info/?l=samba-technical&m=126540277713815&w=2
marc.info/?l=samba-technical&m=126540290614053&w=2
marc.info/?l=samba-technical&m=126540376915283&w=2
marc.info/?l=samba-technical&m=126540475116511&w=2
marc.info/?l=samba-technical&m=126540477016522&w=2
marc.info/?l=samba-technical&m=126540539117328&w=2
marc.info/?l=samba-technical&m=126540608318301&w=2
marc.info/?l=samba-technical&m=126540695819735&w=2
marc.info/?l=samba-technical&m=126547903723628&w=2
marc.info/?l=samba-technical&m=126548356728379&w=2
marc.info/?l=samba-technical&m=126549111204428&w=2
marc.info/?l=samba-technical&m=126555346721629&w=2
secunia.com/advisories/39317
www.openwall.com/lists/oss-security/2010/02/06/3
www.openwall.com/lists/oss-security/2010/03/05/3
www.samba.org/samba/news/symlink_attack.html
access.redhat.com/errata/RHSA-2012:0313
access.redhat.com/security/updates/classification/#low
bugzilla.redhat.com/show_bug.cgi?id=562568
bugzilla.samba.org/show_bug.cgi?id=7104