vulnerability

Oracle Linux: CVE-2019-10197: ELSA-2020-1084: samba security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Try Surface Command
Back to search
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
2019-09-03
Added
2022-10-05
Modified
2025-01-07

Description

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share.

Solution(s)

oracle-linux-upgrade-ctdboracle-linux-upgrade-ctdb-testsoracle-linux-upgrade-libsmbclientoracle-linux-upgrade-libsmbclient-develoracle-linux-upgrade-libwbclientoracle-linux-upgrade-libwbclient-develoracle-linux-upgrade-openchangeoracle-linux-upgrade-python3-sambaoracle-linux-upgrade-python3-samba-testoracle-linux-upgrade-sambaoracle-linux-upgrade-samba-clientoracle-linux-upgrade-samba-client-libsoracle-linux-upgrade-samba-commonoracle-linux-upgrade-samba-common-libsoracle-linux-upgrade-samba-common-toolsoracle-linux-upgrade-samba-dcoracle-linux-upgrade-samba-dc-libsoracle-linux-upgrade-samba-develoracle-linux-upgrade-samba-krb5-printingoracle-linux-upgrade-samba-libsoracle-linux-upgrade-samba-pidloracle-linux-upgrade-samba-pythonoracle-linux-upgrade-samba-python-testoracle-linux-upgrade-samba-testoracle-linux-upgrade-samba-test-libsoracle-linux-upgrade-samba-vfs-glusterfsoracle-linux-upgrade-samba-winbindoracle-linux-upgrade-samba-winbind-clientsoracle-linux-upgrade-samba-winbind-krb5-locatororacle-linux-upgrade-samba-winbind-modules

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today