Описание
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share.
Отчет
This issue affects the version of samba shipped with Red Hat Gluster Storage 3, as it contains the vulnerable functionality.
Меры по смягчению последствий
Either turn off SMB1 by setting the global parameter: 'min protocol = SMB2' or if SMB1 is required turn off unix extensions by setting the global parameter: 'unix extensions = no' in the smb.conf file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | samba | Will not fix | ||
| Red Hat Enterprise Linux 6 | samba | Will not fix | ||
| Red Hat Enterprise Linux 6 | samba4 | Will not fix | ||
| Red Hat Virtualization 4 | redhat-virtualization-host | Not affected | ||
| Red Hat Enterprise Linux 7 | samba | Fixed | RHSA-2019:2099 | 06.08.2019 |
| Red Hat Enterprise Linux 8 | samba | Fixed | RHSA-2019:3582 | 05.11.2019 |
| Red Hat Enterprise Linux 8 | samba | Fixed | RHSA-2019:3582 | 05.11.2019 |
| Red Hat Gluster Storage 3.4 for RHEL 6 | libtalloc | Fixed | RHSA-2019:1967 | 30.07.2019 |
| Red Hat Gluster Storage 3.4 for RHEL 6 | libtdb | Fixed | RHSA-2019:1967 | 30.07.2019 |
| Red Hat Gluster Storage 3.4 for RHEL 6 | libtevent | Fixed | RHSA-2019:1967 | 30.07.2019 |
Показывать по
Дополнительная информация
Статус:
4.2 Medium
CVSS3
Связанные уязвимости
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
A flaw was found in the way samba implemented an RPC endpoint emulatin ...
4.2 Medium
CVSS3