Test Kennung:	1.3.6.1.4.1.25623.1.0.810729
Kategorie:	General
Titel:	Samba Server Symlink Race Information Disclosure Vulnerability
Zusammenfassung:	Samba is prone to an information disclosure vulnerability.
Beschreibung:	Summary: Samba is prone to an information disclosure vulnerability. Vulnerability Insight: The time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploiting a symlink race to access areas of the server file system not exported under a share definition. Vulnerability Impact: Successful exploitation will allow clients to access non-exported parts of the file system via symlinks. Affected Software/OS: Samba Server versions 4.6.x before 4.6.1, Samba Server versions 4.4.x before 4.4.12, and Samba Server versions 4.5.x before 4.5.7. Solution: Upgrade to Samba 4.6.1 or 4.4.12 or 4.5.7 or later. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2619 BugTraq ID: 97033 http://www.securityfocus.com/bid/97033 Debian Security Information: DSA-3816 (Google Search) https://www.debian.org/security/2017/dsa-3816 https://www.exploit-db.com/exploits/41740/ RedHat Security Advisories: RHSA-2017:1265 https://access.redhat.com/errata/RHSA-2017:1265 RedHat Security Advisories: RHSA-2017:2338 https://access.redhat.com/errata/RHSA-2017:2338 RedHat Security Advisories: RHSA-2017:2778 https://access.redhat.com/errata/RHSA-2017:2778 RedHat Security Advisories: RHSA-2017:2789 https://access.redhat.com/errata/RHSA-2017:2789 http://www.securitytracker.com/id/1038117
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.