FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

samba -- combination of parameters and permissions can allow user to escape from the share path definition

Affected packages
samba410 < 4.10.8

Details

VuXML ID 145a3e17-cea2-11e9-81e2-005056a311d1
Discovery 2019-09-01
Entry 2019-09-03

The samba project reports:

On a Samba SMB server for all versions of Samba from 4.9.0 clients are able to escape outside the share root directory if certain configuration parameters set in the smb.conf file.

[source]

References

CVE Name CVE-2019-10197
URL https://www.samba.org/samba/security/CVE-2019-10197.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.