CVE-2009-1888

{"id": "CVE-2009-1888", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-06-25T01:30:01.750", "references": [{"url": "http://secunia.com/advisories/35539", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/35573", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/35606", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/36918", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0145", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1823", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:196", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.samba.org/samba/security/CVE-2009-1888.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/507856/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/35472", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1022442", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-839-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/1664", "tags": ["Permissions Required", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51327", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory."}, {"lang": "es", "value": "La funci\u00f3n acl_group_override en smbd/posix_acls.c en smbd en Samba v3.0.x anterior a v3.0.35, v3.1.x y v3.2.x anterior a v3.2.13, y v3.3.x anterior 3.3.6, cuando el modo de fichero dos est\u00e1 habilitado, permite a atacantes remotos modificar la lista de control de acceso para ficheros a trav\u00e9s de vectores relacionados con acceso de lectura a memoria sin inicializar."}], "lastModified": "2022-08-29T19:43:33.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC3937D6-7AD9-4319-92E9-C6A01927A167", "versionEndIncluding": "3.0.35", "versionStartIncluding": "3.0.31"}, {"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D1C58C8-7E57-4C73-9C6D-5A8512A31276", "versionEndExcluding": "3.2.13", "versionStartIncluding": "3.2.0"}, {"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2425AB5F-EB80-45AF-88CA-4A1A29824BF4", "versionEndExcluding": "3.3.6", "versionStartIncluding": "3.3.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}, {"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB"}], "operator": "OR"}]}], "vendorComments": [{"comment": "This issue did not affect Red Hat Enterprise Linux 3.\n\nIt was addressed in Red Hat Enterprise Linux 4 and 5 via RHSA-2009:1529:\nhttps://rhn.redhat.com/errata/RHSA-2009-1529.html\n", "lastModified": "2009-10-27T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}