Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-20208

Опубликовано: 19 апр. 2021
Источник: debian

Описание

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
cifs-utilsfixed2:6.11-3package
cifs-utilsno-dsabusterpackage
cifs-utilsno-dsastretchpackage

Примечания

  • https://bugzilla.samba.org/show_bug.cgi?id=14651

  • https://lists.samba.org/archive/samba-technical/2021-April/136467.html

  • https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=e461afd8cfa6d0781ae0c5c10e89b6ef1ca6da32

  • Fix causes regression: https://bugs.debian.org/989080

Связанные уязвимости

ubuntu логотип

CVE-2021-20208

CVSS3: 6.1
ubuntu
почти 5 лет назад

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

redhat логотип

CVE-2021-20208

CVSS3: 6.1
redhat
почти 5 лет назад

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

nvd логотип

CVE-2021-20208

CVSS3: 6.1
nvd
почти 5 лет назад

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

msrc логотип

CVE-2021-20208

CVSS3: 6.1
msrc
почти 5 лет назад

Описание отсутствует

suse-cvrf логотип

SUSE-SU-2021:1161-1

suse-cvrf
почти 5 лет назад

Security update for cifs-utils