what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2009-2813

Status Candidate

Overview

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.

Related Files

VMware Security Advisory 2010-0006
Posted Apr 2, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - This ESX service console update addresses security issues regarding samba and acpid.

tags | advisory
advisories | CVE-2009-2906, CVE-2009-1888, CVE-2009-2813, CVE-2009-2948, CVE-2009-0798
SHA-256 | 00441a9ab5817c9f0ed67e7dff7af17dd695c35fa919b9a5e9c0d08c8f836e96
HP Security Bulletin HPSBUX02479 SSRT090212
Posted Feb 3, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running HP CIFS Server (Samba). The vulnerability could be exploited to gain remote unauthorized access.

tags | advisory, remote
systems | hpux
advisories | CVE-2009-2813
SHA-256 | 8134d70d0b7e85177ea8643f05167f8067e6c7037962fb2bd562a83c4cffb05b
Mandriva Linux Security Advisory 2009-320
Posted Dec 7, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-320 - The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory. The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. The version of samba shipping with Mandriva Linux 2008.0 has been updated to the latest version (3.0.37) that includes the fixes for these issues.

tags | advisory, remote, denial of service, local, root
systems | linux, windows, apple, osx, mandriva
advisories | CVE-2009-1888, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948
SHA-256 | 4e7520ff7d1babb15111d3105dfb051558830145524556af71d6fc049c24dfd4
Debian Linux Security Advisory 1908-1
Posted Oct 14, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1908-1 - Several vulnerabilities have been discovered in samba, an implementation of the SMB/CIFS protocol for Unix systems, providing support for cross-platform file and printer sharing with other operating systems and more.

tags | advisory, vulnerability, protocol
systems | linux, unix, debian
advisories | CVE-2009-2948, CVE-2009-2906, CVE-2009-2813
SHA-256 | 139f7c0a545333cadcc58e4380f9f23f6f527e46412d73874e234bd6d5cd3d86
Mandriva Linux Security Advisory 2009-277
Posted Oct 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-277 - The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. The versions of samba shipping with Mandriva Linux CS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version that includes the fixes for these issues. Additionally for 2009.1 the version upgrade provides many upstream bug fixes such as improved Windows(tm) 7 support. The version for CS3 has been patched to address these security issues.

tags | advisory, remote, denial of service, local, root
systems | linux, windows, apple, osx, mandriva
advisories | CVE-2009-2813, CVE-2009-2906, CVE-2009-2948
SHA-256 | 564b43ce5625ecfdb2e94fe2d683b77bfc50b228448e6fd69fa7cdf6df12f73e
Ubuntu Security Notice 839-1
Posted Oct 2, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 839-1 - J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. Tim Prouty discovered that the smbd daemon in Samba incorrectly handled certain unexpected network replies. A remote attacker could send malicious replies to the server and cause smbd to use all available CPU, leading to a denial of service. Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, would not verify user permissions before opening a credentials file. A local user could exploit this to use or read the contents of unauthorized credential files. Reinhard discovered that the smbclient utility contained format string vulnerabilities in its file name handling. Because of security features in Ubuntu, exploitation of this vulnerability is limited. If a user or automated system were tricked into processing a specially crafted file name, smbclient could be made to crash, possibly leading to a denial of service. This only affected Ubuntu 8.10. Jeremy Allison discovered that the smbd daemon in Samba incorrectly handled permissions to modify access control lists when dos filemode is enabled. A remote attacker could exploit this to modify access control lists. This only affected Ubuntu 8.10 and Ubuntu 9.04.

tags | advisory, remote, denial of service, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-1886, CVE-2009-1888, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948
SHA-256 | 4f0c9ac114c1548958e5f616590708327ff29bbee5a4e6d2370a6e40f4bbd33e
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close