CVE-2009-2813
samba - several vulnerabilities
EPSS 0.83%
Description
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.
How to fix CVE-2009-2813
To remediate CVE-2009-2813, upgrade the affected package to one of the fixed versions listed below.
- Upgrade to 2:3.4.2-1 or later
- Upgrade to 2:3.2.5-4lenny7 or later
Is CVE-2009-2813 being exploited?
Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2:3.4.2-1
- from 0, < 2:3.2.5-4lenny7