Samba CVE-2017-2619 Symlink Vulnerability



Samba is prone to a symlink vulnerability.

An attacker can exploit this issue to access files outside of the restricted directory and perform other attacks.

Information

Bugtraq ID: 97033
Class: Design Error
CVE: CVE-2017-2619

Remote: Yes
Local: No
Published: Mar 23 2017 12:00AM
Credit: the Samba project
Vulnerable: Ubuntu Ubuntu Linux 16.10
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS
SuSE Linux Enterprise Software Development Kit 12 SP2
SuSE Linux Enterprise Software Development Kit 12 SP1
SuSE Linux Enterprise Software Development Kit 11 SP4
SuSE Linux Enterprise Server for SAP 12
SuSE Linux Enterprise Server for Raspberry Pi 12-SP2
SuSE Linux Enterprise Server 12-SP2
SuSE Linux Enterprise Server 12-SP1
SuSE Linux Enterprise Server 12-LTSS
SuSE Linux Enterprise Server 11 SP4
SuSE Linux Enterprise High Availability 12-SP2
SuSE Linux Enterprise High Availability 12-SP1
SuSE Linux Enterprise High Availability 12
SuSE Linux Enterprise Desktop 12-SP2
SuSE Linux Enterprise Desktop 12-SP1
SuSE Linux Enterprise Debuginfo 11 SP4
Slackware Linux 14.2
Slackware Linux 14.1
Slackware Linux 14.0
Samba Samba 4.6
Samba Samba 4.5.6
Samba Samba 4.5.5
Samba Samba 4.5.4
Samba Samba 4.5.1
Samba Samba 4.5
Samba Samba 4.4.10
Samba Samba 4.4.9
Samba Samba 4.4.7
Samba Samba 4.4.6
Samba Samba 4.4.1
Samba Samba 4.4
Samba Samba 4.5.3
Samba Samba 4.5.2
Samba Samba 4.4.8
Samba Samba 4.4.5
Samba Samba 4.4.4
Samba Samba 4.4.3
Samba Samba 4.4.2
Redhat Gluster Storage 3.1
Redhat Gluster Storage 3.0
openSUSE Leap 42.2
openSUSE Leap 42.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 ia-30
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Debian Linux 6


Not Vulnerable: Samba Samba 4.6.1
Samba Samba 4.5.7
Samba Samba 4.4.11



Related Posts

Comments