QwikSec

Security Database

CVE

CWE

Training

CVE-2009-1888

Published: Jun 24, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_DEBIAN

http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch

x_refsource_CONFIRM

http://www.samba.org/samba/security/CVE-2009-1888.html

x_refsource_CONFIRM

20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat

mailing-list

x_refsource_BUGTRAQ

samba-acl-security-bypass(51327)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

SSA:2009-177-01

vendor-advisory

x_refsource_SLACKWARE

vdb-entry

x_refsource_BID

oval:org.mitre.oval:def:7292

vdb-entry

signature

x_refsource_OVAL

http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

oval:org.mitre.oval:def:10790

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_MANDRIVA

http://wiki.rpath.com/Advisories:rPSA-2009-0145

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.