Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samba ACL 检查安全绕过漏洞
Vulnerability Description
Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba中存在安全漏洞,该漏洞源于当打开交替数据流时程序没有检查底层文件和目录访问控制列表(ACL)。当加载vfs_streams_depot虚拟文件系统模块或vfs_streams_xattr虚拟文件系统模块时,远程攻击者可利用该漏洞绕过既定的文件限制。以下版本受到影响:Samba 3.6.20之前的3.x版本,4.0.11之
CVSS Information
N/A
Vulnerability Type
N/A