CVE-2019-3870

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-3870
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-3870.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-3870
Related
Published
2019-04-09T16:29:01Z
Modified
2024-09-18T03:06:29.630763Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.

References

Affected packages

Debian:11 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.9.5+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.9.5+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.9.5+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events

Affected versions

ldb-1.*

ldb-1.4.3
ldb-1.4.4
ldb-1.4.5
ldb-1.4.6

samba-4.*

samba-4.9.0
samba-4.9.1
samba-4.9.2
samba-4.9.3
samba-4.9.4
samba-4.9.5