PT-2020-6720 · Samba+9 · Samba+9

Published

2020-10-29

·

Updated

2024-10-29

·

CVE-2020-14318

CVSS v3.1

4.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)
Description A flaw was found in the way Samba handled file and directory permissions, allowing an authenticated user to gain access to certain file and directory information that would otherwise be unavailable. This issue is related to a missing permissions check on a directory handle requesting ChangeNotify, which enables attackers to obtain information that should not be available to directory handles open for minimal access rights only.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Incorrect Privilege Assignment

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-266CWE-269

Related Identifiers

ALSA-2021:1647
ALT-PU-2020-3188
ALT-PU-2020-3215
ALT-PU-2020-3271
ALT-PU-2020-3406
ALT-PU-2021-1580
AZL-36988
AZL-7347
BDU:2022-05769
CESA-2020_5439
CESA-2021_1647
CVE-2020-14318
DLA-2463-1
DLA-3792-1
ECHO-9330-3B56-575C
MGASA-2020-0410
OPENSUSE-SU-2020:1811-1
OPENSUSE-SU-2020:1819-1
OPENSUSE-SU-2020_1811-1
OPENSUSE-SU-2020_1819-1
OPENSUSE-SU-2024:11365-1
RHSA-2020:5439
RHSA-2020_5439
RHSA-2021:1647
RHSA-2021:3723
RHSA-2021_1647
RLSA-2021:1647
SUSE-SU-2020:14525-1
SUSE-SU-2020:3081-1
SUSE-SU-2020:3082-1
SUSE-SU-2020:3083-1
SUSE-SU-2020:3087-1
SUSE-SU-2020:3092-1
SUSE-SU-2020:3093-1
SUSE-SU-2020_14525-1
SUSE-SU-2020_3081-1
SUSE-SU-2020_3082-1
SUSE-SU-2020_3083-1
SUSE-SU-2020_3087-1
SUSE-SU-2020_3092-1
SUSE-SU-2020_3093-1
SUSE-SU-2021:0185-1
USN-4611-1
USN-4931-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Rocky Linux
Samba
Suse
Ubuntu