vulnerability
Amazon Linux AMI: Security patch for samba (ALAS-2016-674) (CVE-2015-7560)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Mar 13, 2016 | Mar 30, 2016 | Oct 30, 2017 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Mar 13, 2016
Added
Mar 30, 2016
Modified
Oct 30, 2017
Description
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.
Solutions
amazon-linux-upgrade-ctdbamazon-linux-upgrade-ctdb-develamazon-linux-upgrade-ctdb-testsamazon-linux-upgrade-libsmbclientamazon-linux-upgrade-libsmbclient-develamazon-linux-upgrade-libwbclientamazon-linux-upgrade-libwbclient-develamazon-linux-upgrade-sambaamazon-linux-upgrade-samba-clientamazon-linux-upgrade-samba-client-libsamazon-linux-upgrade-samba-commonamazon-linux-upgrade-samba-common-libsamazon-linux-upgrade-samba-common-toolsamazon-linux-upgrade-samba-debuginfoamazon-linux-upgrade-samba-develamazon-linux-upgrade-samba-libsamazon-linux-upgrade-samba-pidlamazon-linux-upgrade-samba-pythonamazon-linux-upgrade-samba-testamazon-linux-upgrade-samba-test-develamazon-linux-upgrade-samba-test-libsamazon-linux-upgrade-samba-winbindamazon-linux-upgrade-samba-winbind-clientsamazon-linux-upgrade-samba-winbind-krb5-locatoramazon-linux-upgrade-samba-winbind-modules
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.