|Title:||Samba Server Symlink Race Information Disclosure Vulnerability|
|Summary:||Samba is prone to an information disclosure vulnerability.|
Samba is prone to an information disclosure vulnerability.
The time-of-check, time-of-use race
condition in Samba, a SMB/CIFS file, print, and login server for Unix.
A malicious client can take advantage of this flaw by exploiting a symlink
race to access areas of the server file system not exported under a share
Successful exploitation will allow clients
to access non-exported parts of the file system via symlinks.
Samba Server versions 4.6.x before 4.6.1,
Samba Server versions 4.4.x before 4.4.12, and
Samba Server versions 4.5.x before 4.5.7.
Upgrade to Samba 4.6.1 or 4.4.12 or 4.5.7 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2017-2619|
BugTraq ID: 97033
Debian Security Information: DSA-3816 (Google Search)
RedHat Security Advisories: RHSA-2017:1265
RedHat Security Advisories: RHSA-2017:2338
RedHat Security Advisories: RHSA-2017:2778
RedHat Security Advisories: RHSA-2017:2789
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.