CVE-2013-6442

Description

The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change.

Risk Information

Base Score: 7.5 (MODERATE)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score (Exploitation Probability): 1.273

Associated Vulnerability

Vulnerability | OS Platform
Libsmbclient update (ELSA-2018-1860) libsmbclient-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Libsmbclient-devel update (ELSA-2018-1860) libsmbclient-devel-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba update (ELSA-2018-1860) samba-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-client update (ELSA-2018-1860) samba-client-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-common update (ELSA-2018-1860) samba-common-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-doc update (ELSA-2018-1860) samba-doc-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-domainjoin-gui update (ELSA-2018-1860) samba-domainjoin-gui-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-glusterfs update (ELSA-2018-1860) samba-glusterfs-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-swat update (ELSA-2018-1860) samba-swat-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-winbind update (ELSA-2018-1860) samba-winbind-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-winbind-clients update (ELSA-2018-1860) samba-winbind-clients-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-winbind-devel update (ELSA-2018-1860) samba-winbind-devel-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Samba-winbind-krb5-locator update (ELSA-2018-1860) samba-winbind-krb5-locator-3.6.23-51.0.1.el6.x86_64.rpm | Linux
Libsmbclient update (ELSA-2018-1860) libsmbclient-3.6.23-51.0.1.el6.i686.rpm | Linux
Libsmbclient-devel update (ELSA-2018-1860) libsmbclient-devel-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba update (ELSA-2018-1860) samba-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-client update (ELSA-2018-1860) samba-client-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-common update (ELSA-2018-1860) samba-common-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-doc update (ELSA-2018-1860) samba-doc-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-domainjoin-gui update (ELSA-2018-1860) samba-domainjoin-gui-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-swat update (ELSA-2018-1860) samba-swat-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-winbind update (ELSA-2018-1860) samba-winbind-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-winbind-clients update (ELSA-2018-1860) samba-winbind-clients-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-winbind-devel update (ELSA-2018-1860) samba-winbind-devel-3.6.23-51.0.1.el6.i686.rpm | Linux
Samba-winbind-krb5-locator update (ELSA-2018-1860) samba-winbind-krb5-locator-3.6.23-51.0.1.el6.i686.rpm | Linux
Ctdb update (ELSA-2018-3056) ctdb-4.8.3-4.el7.x86_64.rpm | Linux
Ctdb-tests update (ELSA-2018-3056) ctdb-tests-4.8.3-4.el7.x86_64.rpm | Linux
Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.x86_64.rpm | Linux
Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux
Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.x86_64.rpm | Linux
Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.x86_64.rpm | Linux
Samba update (ELSA-2018-3056) samba-4.8.3-4.el7.x86_64.rpm | Linux
Samba-client update (ELSA-2018-3056) samba-client-4.8.3-4.el7.x86_64.rpm | Linux
Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.x86_64.rpm | Linux
Samba-common-libs update (ELSA-2018-3056) samba-common-libs-4.8.3-4.el7.x86_64.rpm | Linux
Samba-common-tools update (ELSA-2018-3056) samba-common-tools-4.8.3-4.el7.x86_64.rpm | Linux
Samba-dc update (ELSA-2018-3056) samba-dc-4.8.3-4.el7.x86_64.rpm | Linux
Samba-dc-libs update (ELSA-2018-3056) samba-dc-libs-4.8.3-4.el7.x86_64.rpm | Linux
Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.x86_64.rpm | Linux
Samba-krb5-printing update (ELSA-2018-3056) samba-krb5-printing-4.8.3-4.el7.x86_64.rpm | Linux
Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.x86_64.rpm | Linux
Samba-python update (ELSA-2018-3056) samba-python-4.8.3-4.el7.x86_64.rpm | Linux
Samba-python-test update (ELSA-2018-3056) samba-python-test-4.8.3-4.el7.x86_64.rpm | Linux
Samba-test update (ELSA-2018-3056) samba-test-4.8.3-4.el7.x86_64.rpm | Linux
Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.x86_64.rpm | Linux
Samba-vfs-glusterfs update (ELSA-2018-3056) samba-vfs-glusterfs-4.8.3-4.el7.x86_64.rpm | Linux
Samba-winbind update (ELSA-2018-3056) samba-winbind-4.8.3-4.el7.x86_64.rpm | Linux
Samba-winbind-clients update (ELSA-2018-3056) samba-winbind-clients-4.8.3-4.el7.x86_64.rpm | Linux
Samba-winbind-krb5-locator update (ELSA-2018-3056) samba-winbind-krb5-locator-4.8.3-4.el7.x86_64.rpm | Linux
Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.x86_64.rpm | Linux
Samba-common update (ELSA-2018-3056) samba-common-4.8.3-4.el7.noarch.rpm | Linux
Samba-pidl update (ELSA-2018-3056) samba-pidl-4.8.3-4.el7.noarch.rpm | Linux
Libsmbclient update (ELSA-2018-3056) libsmbclient-4.8.3-4.el7.i686.rpm | Linux
Libsmbclient-devel update (ELSA-2018-3056) libsmbclient-devel-4.8.3-4.el7.i686.rpm | Linux
Libwbclient update (ELSA-2018-3056) libwbclient-4.8.3-4.el7.i686.rpm | Linux
Libwbclient-devel update (ELSA-2018-3056) libwbclient-devel-4.8.3-4.el7.i686.rpm | Linux
Samba-client-libs update (ELSA-2018-3056) samba-client-libs-4.8.3-4.el7.i686.rpm | Linux
Samba-devel update (ELSA-2018-3056) samba-devel-4.8.3-4.el7.i686.rpm | Linux
Samba-libs update (ELSA-2018-3056) samba-libs-4.8.3-4.el7.i686.rpm | Linux
Samba-test-libs update (ELSA-2018-3056) samba-test-libs-4.8.3-4.el7.i686.rpm | Linux
Samba-winbind-modules update (ELSA-2018-3056) samba-winbind-modules-4.8.3-4.el7.i686.rpm | Linux

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234