Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4476HistoryNov 13, 2013 - 3:55 p.m.
CVE-2013-4476
2013-11-1315:55:03
Debian Security Bug Tracker
security-tracker.debian.org
23
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
25.3%
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | samba | < 2:4.0.11+dfsg-1 | samba_2:4.0.11+dfsg-1_all.deb |
| Debian | 11 | all | samba | < 2:4.0.11+dfsg-1 | samba_2:4.0.11+dfsg-1_all.deb |
| Debian | 999 | all | samba | < 2:4.0.11+dfsg-1 | samba_2:4.0.11+dfsg-1_all.deb |
| Debian | 13 | all | samba | < 2:4.0.11+dfsg-1 | samba_2:4.0.11+dfsg-1_all.deb |
Related
freebsd
freebsd
samba -- Private key in key.pem world readable
2013-06-12 00:00:00
f5
f5
K15642 : Samba vulnerability CVE-2013-4476
2014-10-02 00:00:00
SOL15642 - Samba vulnerability CVE-2013-4476
2014-10-02 00:00:00
cvelist
cvelist
CVE-2013-4476
2013-11-13 15:00:00
samba
samba
Private key in key.pem world readable
2013-11-11 00:00:00
nessus
nessus
FreeBSD : samba -- Private key in key.pem world readable (479efd57-516e-11e3-9b62-000c292e4fd8)
2013-11-20 00:00:00
Samba < 3.6.20 / 4.0.11 / 4.1.1 Multiple Vulnerabilities
2014-06-09 00:00:00
Slackware 14.0 / 14.1 / current : samba (SSA:2013-322-03)
2013-11-19 00:00:00
openvas
openvas
Samba 4.0.0 <= 4.0.10, 4.1.0 Information Disclosure Vulnerability (CVE-2013-4476)
2021-09-24 00:00:00
Slackware: Security Advisory (SSA:2013-322-03)
2022-04-21 00:00:00
Gentoo Security Advisory GLSA 201502-15
2015-09-29 00:00:00
prion
prion
Design/Logic Flaw
2013-11-13 15:55:00
nvd
nvd
CVE-2013-4476
2013-11-13 15:55:03
ubuntucve
ubuntucve
CVE-2013-4476
2013-11-13 00:00:00
cve
cve
CVE-2013-4476
2013-11-13 15:55:03
altlinux
altlinux
Security fix for the ALT Linux 8 package samba-DC version 4.0.11-alt1
2013-11-12 00:00:00
Security fix for the ALT Linux 10 package samba version 4.0.11-alt1
2013-11-12 00:00:00
Security fix for the ALT Linux 8 package samba version 4.0.11-alt1
2013-11-12 00:00:00
slackware
slackware
[slackware-security] samba
2013-11-19 01:51:01
gentoo
gentoo
Samba: Multiple vulnerabilities
2015-02-25 00:00:00
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
25.3%
Related for DEBIANCVE:CVE-2013-4476