← back
CVE-2009-1888

CVE-2009-1888

EPSS 4.6%
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/35539http://secunia.com/advisories/35573http://secunia.com/advisories/35606http://secunia.com/advisories/36918https://exchange.xforce.ibmcloud.com/vulnerabilities/51327https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292http://wiki.rpath.com/Advisories:rPSA-2009-0145http://www.debian.org/security/2009/dsa-1823http://www.mandriva.com/security/advisories?name=MDVSA-2009:196http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patchhttp://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch