CVE-2009-1888
Published: 25 June 2009
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.
Priority
Status
Package | Release | Status |
---|---|---|
samba Launchpad, Ubuntu, Debian |
upstream |
Released
(3.2.13, 3.3.6)
|
dapper |
Not vulnerable
(code not present)
|
|
hardy |
Not vulnerable
(code not present)
|
|
intrepid |
Released
(2:3.2.3-1ubuntu3.6)
|
|
jaunty |
Released
(2:3.3.2-1ubuntu3.2)
|
|
Patches: upstream: http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch upstream: http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch upstream: http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch |