CVE-2017-2619

Published: Mar 12, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

Vendor	Product	Versions
Samba	samba	affected `4.6.1` affected `4.5.7` affected `4.4.11`

Weaknesses (CWE)

CWE-362

References

RHSA-2017:2778

vendor-advisory

x_refsource_REDHAT

DSA-3816

vendor-advisory

x_refsource_DEBIAN

97033

vdb-entry

x_refsource_BID

41740

exploit

x_refsource_EXPLOIT-DB

1038117

vdb-entry

x_refsource_SECTRACK

RHSA-2017:2338

vendor-advisory

x_refsource_REDHAT

https://www.samba.org/samba/security/CVE-2017-2619.html

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1429472

x_refsource_CONFIRM

RHSA-2017:1265

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2789

vendor-advisory

x_refsource_REDHAT

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03755en_us

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-2619

Description

Affected Products

Weaknesses (CWE)

References