Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-1888
HistoryJun 25, 2009 - 1:30 a.m.

CVE-2009-1888

2009-06-2501:30:01
CWE-264
[email protected]
web.nvd.nist.gov
52
2
samba
acl
cve-2009-1888
security vulnerability
remote attack

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.1%

JSON

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.

Affected configurations

NVD
Node
sambasambaRange3.0.313.0.35
OR
sambasambaRange3.2.03.2.13
OR
sambasambaRange3.3.03.3.6
Node
debiandebian_linuxMatch4.0
OR
debiandebian_linuxMatch5.0
Node
canonicalubuntu_linuxMatch6.06lts
OR
canonicalubuntu_linuxMatch8.04lts
OR
canonicalubuntu_linuxMatch8.10
OR
canonicalubuntu_linuxMatch9.04

References

Social References

More

Related

samba 1
ubuntucve 1
debiancve 1
veracode 1
prion 1
openvas 29
nvd 1
cvelist 1
slackware 1
seebug 1
osv 1
nessus 43
securityvulns 2
debian 1
redhat 2
centos 1
oraclelinux 1
vmware 2
ubuntu 1
suse 1
samba
samba
Uninitialized read of a data value
2009-06-23 00:00:00
ubuntucve
ubuntucve
CVE-2009-1888
2009-06-25 00:00:00
debiancve
debiancve
CVE-2009-1888
2009-06-25 01:30:01
veracode
veracode
Unauthorized Access Control Modification
2020-04-10 00:39:56
prion
prion
Code injection
2009-06-25 01:30:00
openvas
openvas
Samba Format String Vulnerability
2009-06-30 00:00:00
SLES10: Security update for Samba
2009-10-13 00:00:00
Slackware Advisory SSA:2009-177-01 samba
2012-09-11 00:00:00
nvd
nvd
CVE-2009-1888
2009-06-25 01:30:01
cvelist
cvelist
CVE-2009-1888
2009-06-24 22:00:00
slackware
slackware
samba
2009-06-27 01:39:28
seebug
seebug
Samba格式串和安全绕过漏洞
2009-06-25 00:00:00
osv
osv
samba - several vulnerabilities
2009-06-25 00:00:00
nessus
nessus
openSUSE Security Update : cifs-mount (cifs-mount-1036)
2009-07-21 00:00:00
Debian DSA-1823-1 : samba - several vulnerabilities
2009-06-30 00:00:00
SuSE 11 Security Update : Samba (SAT Patch Number 1053)
2009-09-24 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities
2009-06-26 00:00:00
Samba security vulnerabilities
2009-06-26 00:00:00
debian
debian
[SECURITY] [DSA 1823-1] New samba packages fix several vulnerabilities
2009-06-25 19:08:42
redhat
redhat
(RHSA-2009:1585) Moderate: samba3x security and bug fix update
2009-11-16 00:00:00
(RHSA-2009:1529) Moderate: samba security update
2009-10-27 00:00:00
centos
centos
samba security update
2009-10-27 19:23:21
oraclelinux
oraclelinux
samba security update
2009-10-27 00:00:00
vmware
vmware
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2009-10-01 00:00:00
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.1%

JSON
Related for CVE-2009-1888
samba1ubuntucve1debiancve1veracode1prion1openvas29nvd1cvelist1slackware1seebug1osv1nessus43securityvulns2debian1redhat2centos1oraclelinux1vmware2ubuntu1suse1