Vulnerability DatabaseCVE-2010-0926
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2010-0926
March 09, 2010
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.
Related Resources (37)
http://marc.info/?l=samba-technical&m=126549111204428&w=2
http://www.samba.org/samba/news/symlink_attack.html
http://blog.metasploit.com/2010/02/exploiting-samba-symlink-traversal.html
https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0926
http://marc.info/?l=oss-security&m=126539592603079&w=2
http://marc.info/?l=samba-technical&m=126540539117328&w=2
http://marc.info/?l=samba-technical&m=126540248613395&w=2
http://marc.info/?l=samba-technical&m=126540608318301&w=2
http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0108.html
http://marc.info/?l=samba-technical&m=126540011609753&w=2
http://www.openwall.com/lists/oss-security/2010/02/06/3
http://marc.info/?l=samba-technical&m=126540277713815&w=2
http://marc.info/?l=samba-technical&m=126540475116511&w=2
http://marc.info/?l=oss-security&m=126540733320471&w=2
http://marc.info/?l=samba-technical&m=126555346721629&w=2
https://bugzilla.samba.org/show_bug.cgi?id=7104
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
http://gitweb.samba.org/?p=samba.git%3Ba=commit%3Bh=bd269443e311d96ef495a9db47d1b95eb83bb8f4
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://marc.info/?l=oss-security&m=126777580624790&w=2
http://marc.info/?l=samba-technical&m=126540695819735&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=562568
http://www.openwall.com/lists/oss-security/2010/03/05/3
https://access.redhat.com/security/cve/CVE-2010-0926
http://marc.info/?l=samba-technical&m=126540290614053&w=2
http://marc.info/?l=oss-security&m=126540402215620&w=2
http://marc.info/?l=oss-security&m=126545363428745&w=2
http://marc.info/?l=samba-technical&m=126540100511357&w=2
http://marc.info/?l=samba-technical&m=126540376915283&w=2
http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0083.html
http://marc.info/?l=samba-technical&m=126547903723628&w=2
http://secunia.com/advisories/39317
http://marc.info/?l=samba-technical&m=126548356728379&w=2
http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0107.html
http://marc.info/?l=samba-technical&m=126539387432412&w=2
http://marc.info/?l=full-disclosure&m=126538598820903&w=2
http://marc.info/?l=samba-technical&m=126540477016522&w=2
Do you need more information?
Contact Us
CVSS v4
Base Score:
2.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
3.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE
CVSS v2
Base Score:
3.5
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
Weakness Type (CWE)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-22
EPSS
Base Score:
29.36