CVE-2003-0086Race Condition in Samba

6 documents6 sources
Severity
1.2LOWNVD
EPSS
0.3%
top 44.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SambaDebian Samba
Timeline
PublishedMar 31
Latest updateMay 3

Description

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.

CVSS vector

AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages3 packages

debiandebian/samba< samba 2.2.8 (bookworm)
Debiansamba/samba< 2.2.8+3
NVDsamba/samba22 versions+21

Patches

Patch: www.debian.orgPatch: www.securityfocus.comPatch: www.debian.org

🔴Vulnerability Details

2
GHSA
GHSA-rcgr-jhj7-cx8m: The code for writing reg files in Samba before 22022-05-03
OSV
CVE-2003-0086: The code for writing reg files in Samba before 22003-03-31

📋Vendor Advisories

2
Red Hat
security flaw2003-03-15
Debian
CVE-2003-0086: samba - The code for writing reg files in Samba before 2.2.8 allows local users to overw...2003

💬Community

1
Bugzilla
CVE-2003-0086 security flaw2018-08-16