PT-2015-3396 · Samba Team+6 · Samba+5

Kurt Seifried +1 · Published 2015-12-16 · Updated 2024-06-15 · CVE-2015-5299

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Samba versions 3.x through 4.1.21
Samba versions 4.2.x through 4.2.6
Samba versions 4.3.x through 4.3.2

Description

The shadow_copy2_get_shadow_copy_data function does not verify that the DIRECTORY_LIST access right has been granted. This allows remote attackers to access snapshots by visiting a shadow copy directory, which can lead to disclosure of confidential data.

Recommendations

For Samba versions 3.x through 4.1.21, update to version 4.1.22 or later.
For Samba versions 4.2.x through 4.2.6, update to version 4.2.7 or later.
For Samba versions 4.3.x through 4.3.2, update to version 4.3.3 or later.
As a temporary workaround, consider restricting access to the shadow copy directory to minimize the risk of exploitation.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

ALT-PU-2015-2138
ALT-PU-2015-2139
BDU:2021-01297
CESA-2016_0006
CESA-2016_0010
CESA-2016_0011
CVE-2015-5299
DLA-379-1
DSA-3433-1
ECHO-7EF2-E588-3C1D
MGASA-2016-0094
OPENSUSE-SU-2015_2354-1
OPENSUSE-SU-2015_2356-1
OPENSUSE-SU-2016_1064-1
OPENSUSE-SU-2016_1106-1
OPENSUSE-SU-2024:10069-1
RHSA-2016:0006
RHSA-2016:0010
RHSA-2016:0011
RHSA-2016:0015
RHSA-2016:0016
RHSA-2016_0006
RHSA-2016_0010
RHSA-2016_0011
SUSE-SU-2015:2304-1
SUSE-SU-2015:2305-1
SUSE-SU-2016:0032-1
SUSE-SU-2016:0164-1
USN-2855-1
USN-2855-2

Affected Products

ALT Linux
CentOS
Red Hat
Samba
SUSE
Ubuntu