VID | 23304 |
Severity | 30 |
Port | 139 |
Protocol | TCP |
Class | Samba |
Detailed Description |
The version of Samba running on the remote host is 4.9.x prior to 4.9.13, 4.10.x prior to 4.10.8, or 4.11.x prior to 4.11.0rc3. It is therefore affected by a security bypass vulnerability. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
* References: https://www.samba.org/samba/security/CVE-2019-10197.html
* Platforms Affected: Samba Project: Samba versions 4.11.x before 4.11.0rc3; Linux: any version; Unix: any version |
Recommendation |
Upgrade to the latest version of Samba (4.11.0rc3 or later), available from the Samba Web site at https://www.samba.org/samba/download/ |
Related URL |
CVE-2019-10197 (CVE) |