Описание
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.
Ссылки
- ExploitIssue TrackingVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
- ExploitIssue TrackingVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
2.5 Low
CVSS3
1.2 Low
CVSS2
Дефекты
Связанные уязвимости
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.
All versions of Samba prior to 4.13.16 are vulnerable to a malicious c ...
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.
EPSS
2.5 Low
CVSS3
1.2 Low
CVSS2