Samba 'CAP_DAC_OVERRIDE' File Permission Security Bypass (version check)

High Nessus Plugin ID 45046


The remote file server is vulnerable to a security bypass attack.


The remote Samba server is potentially affected by a security bypass vulnerability because of a flaw that causes all smbd processes, when libcap support is enabled, to inherit 'CAP_DAC_OVERRIDE' capabilities, which in turn causes all file system access to be allowed even when permissions should have been denied.

A remote, authenticated attacker may be able to exploit this flaw to gain access to sensitive information on Samba shares that are accessible to their user id.


Upgrade to Samba 3.3.12, 3.4.7, 3.5.1, or later.

See Also

Plugin Details

Severity: High

ID: 45046

File Name: samba_file_permissions_security_bypass_version.nasl

Version: $Revision: 1.9 $

Type: remote

Family: Misc.

Published: 2010/03/12

Modified: 2016/05/13

Dependencies: 10785

Risk Information

Risk Factor: High


Base Score: 8.5

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:samba:samba

Required KB Items: SMB/samba, SMB/NativeLanManager, SMB/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/03/09

Vulnerability Publication Date: 2010/03/09

Reference Information

CVE: CVE-2010-0728

BID: 38606

OSVDB: 62803

CWE: 264