Lucene search

[email protected]NVD:CVE-2010-0728

HistoryMar 10, 2010 - 8:13 p.m.

CVE-2010-0728

2010-03-1020:13:03

CWE-264

[email protected]

web.nvd.nist.gov

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.2%

JSON

smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.

Affected configurations

NVD

Node

sambasambaMatch3.3.11

sambasambaMatch3.4.6

sambasambaMatch3.5.0

References

lists.samba.org/archive/samba-announce/2010/000211.html

www.samba.org/samba/history/samba-3.3.12.html

www.samba.org/samba/history/samba-3.4.7.html

www.samba.org/samba/history/samba-3.5.1.html

www.samba.org/samba/security/CVE-2010-0728

bugzilla.samba.org/show_bug.cgi?id=7222

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.2%

JSON

Related for NVD:CVE-2010-0728

cvelist1 nessus7 debiancve1 fedora4 redhatcve1 openvas9 prion1 samba1 ubuntucve1 cve1 seebug1 gentoo1