Home

CVE-2019-10197

Description

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
4.79

Associated Vulnerability

VulnerabilityOS Platform
samba security update(DSA-4513-1) samba_4.9.5+dfsg-5+deb10u1_amd64.debLinux
SMB/CIFS file, print, and login server for Unix (USN-4121-1) samba_4.10.0+dfsg-0ubuntu2.4_i386.debLinux
SMB/CIFS file, print, and login server for Unix (USN-4121-1) samba_4.10.0+dfsg-0ubuntu2.4_amd64.debLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libsmbclient-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libsmbclient-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libsmbclient-devel-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libsmbclient-devel-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libwbclient-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libwbclient-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libwbclient-devel-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update libwbclient-devel-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-client-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-client-libs-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-client-libs-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-common-4.10.4-10.el7.noarch.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-common-libs-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-common-tools-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-dc-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-dc-libs-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-devel-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-devel-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-krb5-printing-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-libs-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-libs-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-pidl-4.10.4-10.el7.noarch.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-python-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-python-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-python-test-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-test-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-test-libs-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-test-libs-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-vfs-glusterfs-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-winbind-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-winbind-clients-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-winbind-krb5-locator-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-winbind-modules-4.10.4-10.el7.i686.rpmLinux
(RHSA-2020:1084) samba security, bug fix, and enhancement update samba-winbind-modules-4.10.4-10.el7.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update ctdb-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update ctdb-tests-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update libsmbclient-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update libsmbclient-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update libwbclient-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update libwbclient-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update openchange-2.3-24.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update openchange-2.3-24.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update openchange-debugsource-2.3-24.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update openchange-debugsource-2.3-24.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update python3-samba-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update python3-samba-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update python3-samba-test-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-client-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-client-libs-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-client-libs-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-common-4.11.2-13.el8.noarch.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-common-libs-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-common-tools-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-debugsource-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-debugsource-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-krb5-printing-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-libs-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-libs-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-pidl-4.11.2-13.el8.noarch.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-test-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-test-libs-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-clients-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-krb5-locator-4.11.2-13.el8.x86_64.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-modules-4.11.2-13.el8.i686.rpmLinux
(RHSA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-modules-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1084) samba security, bug fix, and enhancement update samba-python-test-4.10.4-10.el7.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update ctdb-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update ctdb-tests-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update libsmbclient-4.11.2-13.el8.i686.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update libsmbclient-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update libwbclient-4.11.2-13.el8.i686.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update libwbclient-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update python3-samba-4.11.2-13.el8.i686.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update python3-samba-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update python3-samba-test-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-client-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-client-libs-4.11.2-13.el8.i686.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-client-libs-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-common-4.11.2-13.el8.noarch.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-common-libs-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-common-tools-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-krb5-printing-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-libs-4.11.2-13.el8.i686.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-libs-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-pidl-4.11.2-13.el8.noarch.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-test-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-test-libs-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-clients-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-krb5-locator-4.11.2-13.el8.x86_64.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-modules-4.11.2-13.el8.i686.rpmLinux
(CESA-2020:1878) samba security, bug fix, and enhancement update samba-winbind-modules-4.11.2-13.el8.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) ldb-debugsource-1.5.8-3.5.1.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) ldb-tools-1.5.8-3.5.1.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) ldb-tools-debuginfo-1.5.8-3.5.1.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) libldb1-1.5.8-3.5.1.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) libldb1-32bit-1.5.8-3.5.1.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) libldb1-debuginfo-1.5.8-3.5.1.x86_64.rpmLinux
SUSE-SU-2020:2673-1(SUSE Linux Enterprise Server 12-SP5 ) libldb1-debuginfo-32bit-1.5.8-3.5.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234