6
CVE-2009-2813
- EPSS 2.73%
- Veröffentlicht 14.09.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version10.5.8
Fedoraproject ≫ Fedora Version11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.73% | 0.841 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
http://secunia.com/advisories/36701
http://support.apple.com/kb/HT3865
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
http://secunia.com/advisories/36918
http://www.ubuntu.com/usn/USN-839-1
http://wiki.rpath.com/Advisories:rPSA-2009-0145
http://www.securityfocus.com/archive/1/507856/100/0/threaded
http://marc.info/?l=bugtraq&m=126514298313071&w=2
http://news.samba.org/releases/3.0.37/
http://news.samba.org/releases/3.2.15/
http://news.samba.org/releases/3.3.8/
http://news.samba.org/releases/3.4.2/
http://osvdb.org/57955
http://secunia.com/advisories/36893
http://secunia.com/advisories/36937
http://secunia.com/advisories/36953
http://secunia.com/advisories/37428
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1
http://www.samba.org/samba/security/CVE-2009-2813.html
http://www.securityfocus.com/bid/36363
http://www.vupen.com/english/advisories/2009/2810
https://exchange.xforce.ibmcloud.com/vulnerabilities/53174
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7211
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7257
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7791
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9191
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html