what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2009-2948

Status Candidate

Overview

mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option.

Related Files

Gentoo Linux Security Advisory 201206-22
Posted Jun 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-22 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 3.5.15 are affected.

tags | advisory, arbitrary, root, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2906, CVE-2009-2948, CVE-2010-0728, CVE-2010-1635, CVE-2010-1642, CVE-2010-2063, CVE-2010-3069, CVE-2011-0719, CVE-2011-1678, CVE-2011-2724, CVE-2012-0870, CVE-2012-1182, CVE-2012-2111
SHA-256 | 3a8fd8a24a3985683e4babf848739763a038475b7f8effd578be0119268b2f7f
VMware Security Advisory 2010-0006
Posted Apr 2, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - This ESX service console update addresses security issues regarding samba and acpid.

tags | advisory
advisories | CVE-2009-2906, CVE-2009-1888, CVE-2009-2813, CVE-2009-2948, CVE-2009-0798
SHA-256 | 00441a9ab5817c9f0ed67e7dff7af17dd695c35fa919b9a5e9c0d08c8f836e96
Mandriva Linux Security Advisory 2009-320
Posted Dec 7, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-320 - The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory. The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. The version of samba shipping with Mandriva Linux 2008.0 has been updated to the latest version (3.0.37) that includes the fixes for these issues.

tags | advisory, remote, denial of service, local, root
systems | linux, windows, apple, osx, mandriva
advisories | CVE-2009-1888, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948
SHA-256 | 4e7520ff7d1babb15111d3105dfb051558830145524556af71d6fc049c24dfd4
Debian Linux Security Advisory 1908-1
Posted Oct 14, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1908-1 - Several vulnerabilities have been discovered in samba, an implementation of the SMB/CIFS protocol for Unix systems, providing support for cross-platform file and printer sharing with other operating systems and more.

tags | advisory, vulnerability, protocol
systems | linux, unix, debian
advisories | CVE-2009-2948, CVE-2009-2906, CVE-2009-2813
SHA-256 | 139f7c0a545333cadcc58e4380f9f23f6f527e46412d73874e234bd6d5cd3d86
Mandriva Linux Security Advisory 2009-277
Posted Oct 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-277 - The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. The versions of samba shipping with Mandriva Linux CS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version that includes the fixes for these issues. Additionally for 2009.1 the version upgrade provides many upstream bug fixes such as improved Windows(tm) 7 support. The version for CS3 has been patched to address these security issues.

tags | advisory, remote, denial of service, local, root
systems | linux, windows, apple, osx, mandriva
advisories | CVE-2009-2813, CVE-2009-2906, CVE-2009-2948
SHA-256 | 564b43ce5625ecfdb2e94fe2d683b77bfc50b228448e6fd69fa7cdf6df12f73e
Ubuntu Security Notice 839-1
Posted Oct 2, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 839-1 - J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. Tim Prouty discovered that the smbd daemon in Samba incorrectly handled certain unexpected network replies. A remote attacker could send malicious replies to the server and cause smbd to use all available CPU, leading to a denial of service. Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, would not verify user permissions before opening a credentials file. A local user could exploit this to use or read the contents of unauthorized credential files. Reinhard discovered that the smbclient utility contained format string vulnerabilities in its file name handling. Because of security features in Ubuntu, exploitation of this vulnerability is limited. If a user or automated system were tricked into processing a specially crafted file name, smbclient could be made to crash, possibly leading to a denial of service. This only affected Ubuntu 8.10. Jeremy Allison discovered that the smbd daemon in Samba incorrectly handled permissions to modify access control lists when dos filemode is enabled. A remote attacker could exploit this to modify access control lists. This only affected Ubuntu 8.10 and Ubuntu 9.04.

tags | advisory, remote, denial of service, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-1886, CVE-2009-1888, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948
SHA-256 | 4f0c9ac114c1548958e5f616590708327ff29bbee5a4e6d2370a6e40f4bbd33e
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close