A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions prior to 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
samba samba |
||
debian debian linux 8.0 |
||
redhat enterprise linux 7.0 |
||
redhat gluster storage 3.0 |
||
fedoraproject fedora 28 |
||
fedoraproject fedora 29 |
||
fedoraproject fedora 30 |
||
opensuse leap 42.3 |