[3.8] samba: Save registry file outside share as unprivileged user (CVE-2019-3880)ID: oval:org.secpod.oval:def:1801388 | Date: (C)2019-06-20 (M)2023-11-10 |
Class: PATCH | Family: unix |
Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within a Samba share. If they are able to create symlinks on a Samba share, they can create a new registry hive file anywhere they have write access, even outside a Samba share definition. Affected Versions:¶ All versions of samba since samba 3.2.0 Fixed In Version:¶ samba 4.8.11, 4.9.6 and 4.10.2
Platform: |
Alpine Linux 3.8 |