Back to search
CVE-2013-6442
Published: Mar 14, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.samba.org/samba/history/samba-4.1.6.html
x_refsource_CONFIRM
FEDORA-2014-9132
vendor-advisory
x_refsource_FEDORA
http://www.samba.org/samba/security/CVE-2013-6442
x_refsource_CONFIRM
http://www.samba.org/samba/history/samba-4.0.16.html
x_refsource_CONFIRM
FEDORA-2014-7672
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2014:0404
vendor-advisory
x_refsource_SUSE
https://bugzilla.samba.org/show_bug.cgi?id=10327
x_refsource_CONFIRM
66232
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now