Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.100488
Categoría:Remote file access
Título:Samba Symlink Directory Traversal Vulnerability
Resumen:Samba is prone to a directory-traversal vulnerability because the; application fails to sufficiently sanitize user-supplied input.
Descripción:Summary:
Samba is prone to a directory-traversal vulnerability because the
application fails to sufficiently sanitize user-supplied input.

Vulnerability Insight:
To exploit this issue, attackers require authenticated access to a
writable share. Note that this issue may be exploited through a writable share accessible by guest accounts.

Vulnerability Impact:
Exploits would allow an attacker to access files outside of the Samba
user's root directory to obtain sensitive information and perform other attacks.

Affected Software/OS:
Samba versions before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3.

Solution:
The vendor commented on the issue stating that it stems from an
insecure default configuration. The Samba team advises administrators to set 'wide links = no' in
the '[global]' section of 'smb.conf' and then restart the service to correct misconfigured services.

Please see the references for more information.

CVSS Score:
3.5

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:N/A:N

Referencia Cruzada: BugTraq ID: 38111
Common Vulnerability Exposure (CVE) ID: CVE-2010-0926
http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0107.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0108.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0083.html
http://marc.info/?l=full-disclosure&m=126538598820903&w=2
http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html
http://marc.info/?l=oss-security&m=126540402215620&w=2
http://marc.info/?l=oss-security&m=126540733320471&w=2
http://marc.info/?l=oss-security&m=126539592603079&w=2
http://marc.info/?l=oss-security&m=126545363428745&w=2
http://www.openwall.com/lists/oss-security/2010/02/06/3
http://marc.info/?l=oss-security&m=126777580624790&w=2
http://www.openwall.com/lists/oss-security/2010/03/05/3
http://marc.info/?l=samba-technical&m=126539387432412&w=2
http://marc.info/?l=samba-technical&m=126540100511357&w=2
http://marc.info/?l=samba-technical&m=126540248613395&w=2
http://marc.info/?l=samba-technical&m=126540277713815&w=2
http://marc.info/?l=samba-technical&m=126540290614053&w=2
http://marc.info/?l=samba-technical&m=126540376915283&w=2
http://marc.info/?l=samba-technical&m=126540475116511&w=2
http://marc.info/?l=samba-technical&m=126540477016522&w=2
http://marc.info/?l=samba-technical&m=126540539117328&w=2
http://marc.info/?l=samba-technical&m=126540608318301&w=2
http://marc.info/?l=samba-technical&m=126540695819735&w=2
http://marc.info/?l=samba-technical&m=126540011609753&w=2
http://marc.info/?l=samba-technical&m=126547903723628&w=2
http://marc.info/?l=samba-technical&m=126548356728379&w=2
http://marc.info/?l=samba-technical&m=126549111204428&w=2
http://marc.info/?l=samba-technical&m=126555346721629&w=2
http://secunia.com/advisories/39317
SuSE Security Announcement: SUSE-SR:2010:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
CopyrightThis script is Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.