CVE-2019-3880 (retired)

Priority
Description
A flaw was found in the way samba implemented an RPC endpoint emulating the
Windows registry service API. An unprivileged attacker could use this flaw
to create a new registry hive file anywhere they have unix permissions
which could lead to creation of a new file in the Samba share. Versions
before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
Assigned-to
mdeslaur
Package
Source: samba (LP Ubuntu Debian)
Upstream:released (4.8.11,4.9.6,4.10.2)
Ubuntu 12.04 ESM (Precise Pangolin):released (2:3.6.25-0ubuntu0.12.04.17)
Ubuntu 14.04 LTS (Trusty Tahr):released (2:4.3.11+dfsg-0ubuntu0.14.04.20)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:4.3.11+dfsg-0ubuntu0.16.04.19)
Ubuntu 18.04 LTS (Bionic Beaver):released (2:4.7.6+dfsg~ubuntu-0ubuntu2.9)
Ubuntu 18.10 (Cosmic Cuttlefish):released (2:4.8.4+dfsg-2ubuntu2.3)
Ubuntu 19.04 (Disco Dingo):released (2:4.10.0+dfsg-0ubuntu2)
More Information

Updated: 2019-04-10 17:15:09 UTC (commit 78189f3f45cd643c453b1cca72104b9c8426cf9c)