Computer Security
[EN] securityvulns.ru no-pyccku


Samba protection bypass
Published:26.11.2013
Source:
SecurityVulns ID:13419
Type:local
Threat Level:
5/10
Description:Restrictions bypass if alternative data streams are allowed.
Affected:SAMBA : Samba 4.1
CVE:CVE-2013-4475 (Samba 3.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).)
Original documentdocumentMANDRIVA, [ MDVSA-2013:278 ] samba (26.11.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod