CVE-2023-3961

Published: 03/11/2023 Updated: 02/01/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR, LSA or SPOOLSS, which Samba initiates on demand. However, incoming client pipe names are inadequately sanitized, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.
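The class of bug described above, as an added example that is not Samba's code and not its actual fix: an unchecked join of a client-supplied pipe name onto a socket directory, next to a join that accepts only a single path component. `PRIVATE_DIR`, the function names and the sample pipe names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed placeholder for the private socket directory (not Samba's path). */
#define PRIVATE_DIR "/run/example/np"

/* Unchecked join: the client-supplied name is appended as-is. */
int socket_path_unchecked(const char *pipe, char *out, size_t len)
{
    int n = snprintf(out, len, "%s/%s", PRIVATE_DIR, pipe);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Checked join: the name must be one path component, so reject empty
 * names, any '/', and the "." and ".." components before joining. */
int socket_path_checked(const char *pipe, char *out, size_t len)
{
    if (pipe == NULL || pipe[0] == '\0' || strchr(pipe, '/') != NULL)
        return -1;
    if (strcmp(pipe, ".") == 0 || strcmp(pipe, "..") == 0)
        return -1;
    return socket_path_unchecked(pipe, out, len);
}

/* Lexical check: does a relative name climb above its base directory? */
int escapes_base(const char *name)
{
    int depth = 0;
    for (const char *p = name; *p != '\0'; ) {
        size_t n = strcspn(p, "/");
        if (n == 2 && p[0] == '.' && p[1] == '.') {
            if (--depth < 0) return 1;
        } else if (n > 0 && !(n == 1 && p[0] == '.')) {
            depth++;
        }
        p += n;
        if (*p == '/') p++;
    }
    return 0;
}

int main(void)
{
    const char *names[] = { "samr", "spoolss", "../../other/sock", "a/../b" }; /* constructed */
    char buf[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-18s escapes=%d checked=%s\n", names[i], escapes_base(names[i]),
               socket_path_checked(names[i], buf, sizeof buf) == 0 ? buf : "rejected");
    return 0;
}
```

The checked join is deliberately stricter than `escapes_base`: it also rejects names such as `a/../b` that stay inside the directory, because a pipe name has no reason to contain a separator at all.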

Vulnerable Product

samba samba

redhat enterprise linux 8.0

redhat storage 3.0

redhat enterprise linux eus 9.0

fedoraproject fedora 39

Vendor Advisories

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation. For the stable distribution (bookworm), these problems have been fixed in version 2:41712+dfsg-0+deb12u1. We recommend that you upgrade your samba packag ...
Synopsis: Moderate: samba security update. Type/Severity: Security Advisory: Moderate. Topic: An update for samba is now available for Red Hat Enterprise Linux 86 Extended Update Support. Red Hat Product Security has rated this ...
Synopsis: Important: OpenShift Container Platform 41245 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 41245 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShi ...
Synopsis: Moderate: samba security update. Type/Severity: Security Advisory: Moderate. Topic: An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a securi ...
Synopsis: Important: OpenShift Container Platform 41324 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 41324 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Ha ...
Synopsis: Important: OpenShift Container Platform 41154 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 41154 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift ...
Synopsis: Moderate: samba security update. Type/Severity: Security Advisory: Moderate. Topic: An update for samba is now available for Red Hat Enterprise Linux 88 Extended Update Support. Red Hat Product Security has rated this ...
Synopsis: Important: OpenShift Container Platform 4144 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4144 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift C ...
Synopsis: Moderate: samba security update. Type/Severity: Security Advisory: Moderate. Topic: An update for samba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a securi ...