// For flags

CVE-2009-1888

Samba improper file access

Severity Score

5.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.

La función acl_group_override en smbd/posix_acls.c en smbd en Samba v3.0.x anterior a v3.0.35, v3.1.x y v3.2.x anterior a v3.2.13, y v3.3.x anterior 3.3.6, cuando el modo de fichero dos está habilitado, permite a atacantes remotos modificar la lista de control de acceso para ficheros a través de vectores relacionados con acceso de lectura a memoria sin inicializar.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
Attack Vector
Adjacent
Attack Complexity
High
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2009-06-02 CVE Reserved
  • 2009-06-24 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (21)
URL Tag Source
http://secunia.com/advisories/35539 Third Party Advisory
http://secunia.com/advisories/35573 Third Party Advisory
http://secunia.com/advisories/35606 Third Party Advisory
http://secunia.com/advisories/36918 Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2009-0145 Third Party Advisory
http://www.securityfocus.com/archive/1/507856/100/0/threaded Mailing List
http://www.securitytracker.com/id?1022442 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/51327 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292 Signature
URL Date SRC
http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch 2024-08-07
http://www.securityfocus.com/bid/35472 2024-08-07
URL Date SRC
http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch 2022-08-29
http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch 2022-08-29
http://www.samba.org/samba/security/CVE-2009-1888.html 2022-08-29
URL Date SRC
http://www.debian.org/security/2009/dsa-1823 2022-08-29
http://www.mandriva.com/security/advisories?name=MDVSA-2009:196 2022-08-29
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591 2022-08-29
http://www.ubuntu.com/usn/USN-839-1 2022-08-29
https://access.redhat.com/security/cve/CVE-2009-1888 2009-11-16
https://bugzilla.redhat.com/show_bug.cgi?id=506996 2009-11-16
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Samba
Search vendor "Samba"
 Samba
Search vendor "Samba" for product "Samba"
 >= 3.0.31 <= 3.0.35
Search vendor "Samba" for product "Samba" and version " >= 3.0.31 <= 3.0.35"
-
Affected
Samba
Search vendor "Samba"
 Samba
Search vendor "Samba" for product "Samba"
 >= 3.2.0 < 3.2.13
Search vendor "Samba" for product "Samba" and version " >= 3.2.0 < 3.2.13"
-
Affected
Samba
Search vendor "Samba"
 Samba
Search vendor "Samba" for product "Samba"
 >= 3.3.0 < 3.3.6
Search vendor "Samba" for product "Samba" and version " >= 3.3.0 < 3.3.6"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 4.0
Search vendor "Debian" for product "Debian Linux" and version "4.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 5.0
Search vendor "Debian" for product "Debian Linux" and version "5.0"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 6.06
Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 8.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "8.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 8.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "8.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 9.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "9.04"
-
Affected