Описание
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:4.0.13+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2:4.0.13+dfsg-1ubuntu1 |
| esm-infra/xenial | not-affected | 2:4.0.13+dfsg-1ubuntu1 |
| lucid | released | 2:3.4.7~dfsg-1ubuntu3.13 |
| precise | released | 2:3.6.3-2ubuntu2.9 |
| precise/esm | not-affected | 2:3.6.3-2ubuntu2.9 |
| quantal | released | 2:3.6.6-3ubuntu5.3 |
| raring | released | 2:3.6.9-1ubuntu1.2 |
| saucy | released | 2:3.6.18-1ubuntu3.1 |
| trusty | released | 2:4.0.13+dfsg-1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
4 Medium
CVSS2
Связанные уязвимости
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1. ...
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
Уязвимость функции vfs_streams_depot or vfs_streams_xattr пакета программ сетевого взаимодействия Samba, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
4 Medium
CVSS2