CVE-2009-1888

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.

References

http://secunia.com/advisories/35539

http://secunia.com/advisories/35573

http://secunia.com/advisories/35606

http://secunia.com/advisories/36918

http://wiki.rpath.com/Advisories:rPSA-2009-0145

http://www.debian.org/security/2009/dsa-1823

http://www.mandriva.com/security/advisories?name=MDVSA-2009:196

http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch

http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch

http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch

http://www.samba.org/samba/security/CVE-2009-1888.html

http://www.securityfocus.com/archive/1/507856/100/0/threaded

http://www.securityfocus.com/bid/35472

http://www.securitytracker.com/id?1022442

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591

http://www.ubuntu.com/usn/USN-839-1

http://www.vupen.com/english/advisories/2009/1664

https://exchange.xforce.ibmcloud.com/vulnerabilities/51327

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292

Details

Source: MITRE

Published: 2009-06-25

Updated: 2018-11-08

Type: CWE-264

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (44 total)

IDNameProductFamilySeverity
138426Solaris 10 (x86) : 119758-45NessusSolaris Local Security Checks
critical
138420Solaris 10 (sparc) : 119757-45NessusSolaris Local Security Checks
critical
129873Solaris 10 (x86) : 119758-44NessusSolaris Local Security Checks
critical
129869Solaris 10 (sparc) : 119757-44NessusSolaris Local Security Checks
critical
107833Solaris 10 (x86) : 119758-43NessusSolaris Local Security Checks
critical
107832Solaris 10 (x86) : 119758-38NessusSolaris Local Security Checks
critical
107831Solaris 10 (x86) : 119758-37NessusSolaris Local Security Checks
critical
107830Solaris 10 (x86) : 119758-36NessusSolaris Local Security Checks
critical
107829Solaris 10 (x86) : 119758-34NessusSolaris Local Security Checks
critical
107828Solaris 10 (x86) : 119758-33NessusSolaris Local Security Checks
critical
107827Solaris 10 (x86) : 119758-32NessusSolaris Local Security Checks
critical
107826Solaris 10 (x86) : 119758-31NessusSolaris Local Security Checks
critical
107825Solaris 10 (x86) : 119758-30NessusSolaris Local Security Checks
critical
107330Solaris 10 (sparc) : 119757-43NessusSolaris Local Security Checks
critical
107329Solaris 10 (sparc) : 119757-38NessusSolaris Local Security Checks
critical
107328Solaris 10 (sparc) : 119757-37NessusSolaris Local Security Checks
critical
107327Solaris 10 (sparc) : 119757-36NessusSolaris Local Security Checks
critical
107326Solaris 10 (sparc) : 119757-34NessusSolaris Local Security Checks
critical
107325Solaris 10 (sparc) : 119757-33NessusSolaris Local Security Checks
critical
107324Solaris 10 (sparc) : 119757-32NessusSolaris Local Security Checks
critical
107323Solaris 10 (sparc) : 119757-31NessusSolaris Local Security Checks
critical
107322Solaris 10 (sparc) : 119757-30NessusSolaris Local Security Checks
critical
89738VMware ESX Third-Party Libraries and Components Multiple Vulnerabilities (VMSA-2010-0006) (remote check)NessusVMware ESX Local Security Checks
medium
67947Oracle Linux 4 / 5 : samba (ELSA-2009-1529)NessusOracle Linux Local Security Checks
medium
63900RHEL 5 : samba3x (RHSA-2009:1585)NessusRed Hat Local Security Checks
medium
60684Scientific Linux Security Update : samba on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
45402VMSA-2010-0006 : ESX Service Console updates for samba and acpidNessusVMware ESX Local Security Checks
medium
43023Mandriva Linux Security Advisory : samba (MDVSA-2009:320)NessusMandriva Local Security Checks
medium
42286RHEL 4 / 5 : samba (RHSA-2009:1529)NessusRed Hat Local Security Checks
medium
42266CentOS 4 / 5 : samba (CESA-2009:1529)NessusCentOS Local Security Checks
medium
41968Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : samba vulnerabilities (USN-839-1)NessusUbuntu Local Security Checks
high
41483SuSE 10 Security Update : Samba (ZYPP Patch Number 6343)NessusSuSE Local Security Checks
high
41372SuSE 11 Security Update : Samba (SAT Patch Number 1053)NessusSuSE Local Security Checks
high
40521Mandriva Linux Security Advisory : samba (MDVSA-2009:196)NessusMandriva Local Security Checks
high
40198openSUSE Security Update : cifs-mount (cifs-mount-1036)NessusSuSE Local Security Checks
high
39928openSUSE Security Update : cifs-mount (cifs-mount-1036)NessusSuSE Local Security Checks
high
39568Debian DSA-1823-1 : samba - several vulnerabilitiesNessusDebian Local Security Checks
high
39559Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / current : samba (SSA:2009-177-01)NessusSlackware Local Security Checks
high
39502Samba < 3.0.35 / 3.2.13 / 3.3.6 Multiple VulnerabilitiesNessusMisc.
low
19207Solaris 10 (x86) : 119758-43 (deprecated)NessusSolaris Local Security Checks
critical
19204Solaris 10 (sparc) : 119757-43 (deprecated)NessusSolaris Local Security Checks
critical
5087Samba < 3.3.6 / 3.2.13 / 3.0.35 Multiple VulnerabilitiesNessus Network MonitorSamba
high
13609Solaris 9 (x86) : 114685-17NessusSolaris Local Security Checks
high
13559Solaris 9 (sparc) : 114684-17NessusSolaris Local Security Checks
high