Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Title:Samba Server Symlink Race Information Disclosure Vulnerability
Summary:Samba is prone to an information disclosure vulnerability.
Samba is prone to an information disclosure vulnerability.

Vulnerability Insight:
The time-of-check, time-of-use race
condition in Samba, a SMB/CIFS file, print, and login server for Unix.
A malicious client can take advantage of this flaw by exploiting a symlink
race to access areas of the server file system not exported under a share

Vulnerability Impact:
Successful exploitation will allow clients
to access non-exported parts of the file system via symlinks.

Affected Software/OS:
Samba Server versions 4.6.x before 4.6.1,

Samba Server versions 4.4.x before 4.4.12, and

Samba Server versions 4.5.x before 4.5.7.

Upgrade to Samba 4.6.1 or 4.4.12 or 4.5.7 or later.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-2619
BugTraq ID: 97033
Debian Security Information: DSA-3816 (Google Search)
RedHat Security Advisories: RHSA-2017:1265
RedHat Security Advisories: RHSA-2017:2338
RedHat Security Advisories: RHSA-2017:2778
RedHat Security Advisories: RHSA-2017:2789
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.