CVE-2009-1888
N/A
N/A
Summary
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.vupen.com/english/advisories/2009/1664
- http://www.debian.org/security/2009/dsa-1823
- http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch
- http://www.samba.org/samba/security/CVE-2009-1888.html
- http://www.securityfocus.com/archive/1/507856/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51327
- http://secunia.com/advisories/35573
- http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch
- http://secunia.com/advisories/35606
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591
- http://www.securityfocus.com/bid/35472
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292
- http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch
- http://www.ubuntu.com/usn/USN-839-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790
- http://secunia.com/advisories/35539
- http://secunia.com/advisories/36918
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:196
- http://wiki.rpath.com/Advisories:rPSA-2009-0145
- http://www.securitytracker.com/id?1022442
References
- http://www.vupen.com/english/advisories/2009/1664
- http://www.debian.org/security/2009/dsa-1823
- http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch
- http://www.samba.org/samba/security/CVE-2009-1888.html
- http://www.securityfocus.com/archive/1/507856/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51327
- http://secunia.com/advisories/35573
- http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch
- http://secunia.com/advisories/35606
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591
- http://www.securityfocus.com/bid/35472
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292
- http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch
- http://www.ubuntu.com/usn/USN-839-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790
- http://secunia.com/advisories/35539
- http://secunia.com/advisories/36918
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:196
- http://wiki.rpath.com/Advisories:rPSA-2009-0145
- http://www.securitytracker.com/id?1022442
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.