| VID |
23221 |
| Severity |
20 |
| Port |
139 |
| Protocol |
TCP |
| Class |
Samba |
| Detailed Description |
A version of Samba server which is older than 3.0.35 / 3.2.13 / 3.3.6 is security bypass vulnerability. Access restrictions can be bypassed due to a read of uninitialized data in smbd. This could allow a user to modify an access control list (ACL), even when they should be denied permission.
Note the 'dos filemode' parameter must be set to 'yes' in smb.conf
in order for an attack to be successful (the default setting is 'no').
* Note: If this check solely relied on the version number of the remote Samba server to assess this vulnerability, then this might be a false positive.
* References:
http://us1.samba.org/samba/security/CVE-2009-1888.html
http://us1.samba.org/samba/security/CVE-2009-1886.html
* Platforms Affected:
Samba Project, Samba versions prior to 3.0.35 / 3.2.13 / 3.3.6
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Samba (3.0.35 / 3.2.13 / 3.3.6 or later), available from the Samba Web site at http://us1.samba.org/samba/ |
| Related URL |
CVE-2009-1886,CVE-2009-1888 (CVE) |
| Related URL |
35472 (SecurityFocus) |
| Related URL |
(ISS) |
|
