CVE-2015-7560

Priority
Description
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x
before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote
authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to
create a symlink, and then using a non-UNIX SMB1 call to write to the ACL
content.
Assigned-to
mdeslaur
Notes
Package
Source: samba (LP Ubuntu Debian)
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): released (2:3.6.3-2ubuntu2.17)
Ubuntu 14.04 ESM (Trusty Tahr): released (2:4.1.6+dfsg-1ubuntu2.14.04.13)
Ubuntu 16.04 LTS (Xenial Xerus): released (2:4.3.6+dfsg-1ubuntu1)
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr): DNE
Ubuntu 16.04 LTS (Xenial Xerus): DNE
More Information

Updated: 2019-12-05 18:42:56 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)