Samba CVE-2019-3870 Local Insecure File Permissions Vulnerability

Samba is prone to a local insecure-file-permissions vulnerability.

A local attacker can exploit this issue by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks.


Bugtraq ID: 107798
Class: Design Error
CVE: CVE-2019-3870

Remote: No
Local: Yes
Published: Apr 08 2019 12:00AM
Updated: Apr 08 2019 12:00AM
Credit: Björn Baumbach
Vulnerable: Samba Samba 4.10.1
Samba Samba 4.9.5
Samba Samba 4.9.4
Samba Samba 4.9.3
Samba Samba 4.9.2
Samba Samba 4.9.1
Samba Samba 4.9
Samba Samba 4.10

Not Vulnerable: Samba Samba 4.10.2
Samba Samba 4.9.6


An attacker can exploit this issue using readily available tools.

Related Posts