Samba 'group_mapping.ldb' Has Unsafe Permissions That Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1020770
|
|
SecurityTracker URL: http://securitytracker.com/id?1020770
|
|
CVE Reference: CVE-2008-3789
(Links to External Site)
|
Date: Aug 27 2008
|
Impact: Root access via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 3.2.0 - 3.2.2
|
Description: A vulnerability was reported in Samba. A local user can obtain elevated privileges on the target system.
The system creates the 'group_mapping.ldb' file with 0666 permissions. A local user can edit the SID mappings in the file and then
subsequently connect to the file server with root privileges.
Sascha Herrmann reported this vulnerability.
|
Impact: A local user can obtain root privileges on the target file server.
|
Solution: The vendor has issued a fix (3.2.3).
Some patches for prior versions are available at:
http://www.samba.org/samba/security/
The vendor's advisory is available at:
http://samba.org/samba/security/CVE-2008-3789.html
|
Vendor URL: samba.org/samba/security/CVE-2008-3789.html (Links to External Site)
|
Cause: Access control error, Configuration error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 27 Aug 2008 15:22:26 -0400
Subject: Samba
|
http://samba.org/samba/security/CVE-2008-3789.html
CVE-2008-3789
|
|
