QwikSec

Security Database

CVE

CWE

Training

CVE-2009-2813

Published: Sep 14, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_HP

http://news.samba.org/releases/3.4.2/

x_refsource_CONFIRM

20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat

mailing-list

x_refsource_BUGTRAQ

FEDORA-2009-10172

vendor-advisory

x_refsource_FEDORA

oval:org.mitre.oval:def:9191

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_HP

http://news.samba.org/releases/3.2.15/

x_refsource_CONFIRM

APPLE-SA-2009-09-10-2

vendor-advisory

x_refsource_APPLE

vendor-advisory

x_refsource_SUNALERT

vdb-entry

x_refsource_VUPEN

SSA:2009-276-01

vendor-advisory

x_refsource_SLACKWARE

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_UBUNTU

http://news.samba.org/releases/3.0.37/

x_refsource_CONFIRM

http://www.samba.org/samba/security/CVE-2009-2813.html

x_refsource_CONFIRM

oval:org.mitre.oval:def:7257

vdb-entry

signature

x_refsource_OVAL

http://support.apple.com/kb/HT3865

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

http://news.samba.org/releases/3.3.8/

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://wiki.rpath.com/Advisories:rPSA-2009-0145

x_refsource_CONFIRM

oval:org.mitre.oval:def:7211

vdb-entry

signature

x_refsource_OVAL

SUSE-SR:2009:017

vendor-advisory

x_refsource_SUSE

macosx-smb-security-bypass(53174)

vdb-entry

x_refsource_XF

oval:org.mitre.oval:def:7791

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_OSVDB

FEDORA-2009-10180

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.