New Search

smbd access control list remote modification vulnerability

oval:org.mitre.oval:def:7292

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35 3.1.x and 3.2.x before 3.2.13 and 3.3.x before 3.3.6 when dos filemode is enabled allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 4.0
Class:
vulnerability
Reference(s):
  • CVE-2009-1888
Product(s):