CVE-2009-2813 (retired)

Priority
Description
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12
through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when
Windows File Sharing is enabled, Fedora 11, and other operating systems,
does not properly handle errors in resolving pathnames, which allows remote
authenticated users to bypass intended sharing restrictions, and read,
create, or modify files, in certain circumstances involving user accounts
that lack home directories.
Notes
 jdstrand> from Apple's security announce: "An unchecked error condition exists
  in Samba. A user who does not have a configured home directory, and connects
  to the Windows File Sharing service, will be able to access the contents of
  the file system, subject to local file system permissions. This update
  addresses the issue by improving the handling of path resolution errors."
Package
Source: samba (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-08-23 08:36:19 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)