The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x prior to 4.1.22, 4.2.x prior to 4.2.7, and 4.3.x prior to 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote malicious users to access snapshots by visiting a shadow copy directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
samba samba |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 15.10 |
||
canonical ubuntu linux 15.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |