Check Point Advisories

Update Protection against Samba Root File System Access Security Bypass Vulnerability

Check Point Reference: CPAI-2009-017
Date Published: 9 Jan 2009
Severity: Medium
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA33379
Industry Reference:CVE-2009-0022
Protection Provided by:
Who is Vulnerable? Samba Team Samba 3.2.0 to 3.2.6
Vulnerability Description A security bypass vulnerability was reported in Samba, a popular open source implementation of the SMB/CIFS file sharing protocol. The vulnerability is due to a design weakness in the root file system. Remote attackers can leverage the vulnerability to gain read-only access to the local file system in the security context of the Samba service.
Update/Patch Avaliable
Update to version 3.2.7 or apply patch:
http://us6.samba.org/samba/ftp/stable/samba-3.2.7.tar.gz
http://us1.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch

Vulnerability DetailsThe design flaw is in the access to the root file system. Access is granted to authenticated users that connect to a share with an empty string as name. The vulnerable code acknowledges the empty share name as valid while the proper behavior is to reject such a request. Successful exploitation requires that "registry shares" is enabled.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK