Описание
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2:4.7.6+dfsg~ubuntu-0ubuntu2.9 |
| cosmic | released | 2:4.8.4+dfsg-2ubuntu2.3 |
| devel | released | 2:4.10.0+dfsg-0ubuntu2 |
| esm-infra-legacy/trusty | released | 2:4.3.11+dfsg-0ubuntu0.14.04.20 |
| esm-infra/bionic | released | 2:4.7.6+dfsg~ubuntu-0ubuntu2.9 |
| esm-infra/xenial | released | 2:4.3.11+dfsg-0ubuntu0.16.04.19 |
| precise/esm | not-affected | 2:3.6.25-0ubuntu0.12.04.17 |
| trusty | released | 2:4.3.11+dfsg-0ubuntu0.14.04.20 |
| trusty/esm | released | 2:4.3.11+dfsg-0ubuntu0.14.04.20 |
| upstream | released | 4.8.11,4.9.6,4.10.2 |
Показывать по
5.5 Medium
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
A flaw was found in the way samba implemented an RPC endpoint emulatin ...
5.5 Medium
CVSS2
5.4 Medium
CVSS3