QwikSec

Security Database

CVE

CWE

Training

CVE-2015-7560

Published: Mar 13, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

openSUSE-SU-2016:1064

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0837

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:0813

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:0877

vendor-advisory

x_refsource_SUSE

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

FEDORA-2016-cad77a4576

vendor-advisory

x_refsource_FEDORA

SUSE-SU-2016:0814

vendor-advisory

x_refsource_SUSE

https://www.samba.org/samba/security/CVE-2015-7560.html

x_refsource_CONFIRM

https://bugzilla.samba.org/show_bug.cgi?id=11648

x_refsource_CONFIRM

openSUSE-SU-2016:1106

vendor-advisory

x_refsource_SUSE

FEDORA-2016-4b55f00d00

vendor-advisory

x_refsource_FEDORA

FEDORA-2016-ed1587f6ba

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2016:1107

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0905

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:0816

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.