Ubuntu Security Notice 4121-1 - Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem.
1367c76bd694c824968013e80840ec4423f8c145a8687f47480c0f08138b555d=========================================================================
Ubuntu Security Notice USN-4121-1
September 03, 2019
samba vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
Summary:
Samba would allow unintended access to files over the network.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
Stefan Metzmacher discovered that the Samba SMB server did not properly
prevent clients from escaping outside the share root directory in
some situations. An attacker could use this to gain access to files
outside of the Samba share, where allowed by the permissions of the
underlying filesystem.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
samba 2:4.10.0+dfsg-0ubuntu2.4
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4121-1
CVE-2019-10197
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed