CVE-2015-5299 — Sensitive Information Exposure in Samba

CWE-200 — Sensitive Information Exposure CWE-862 — Missing Authorization11 documents7 sources

Severity

5.3MEDIUMNVD

EPSS

9.1%

top 7.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Debian Samba Canonical Ubuntu Linux +1 more

Timeline

PublishedDec 29

Latest updateMay 17

Description

The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶NVDsamba/samba3.0.20 — 4.1.22+2

▶debiandebian/samba< samba 2:4.1.22+dfsg-1 (bookworm)

▶Debiansamba/samba< 2:4.1.22+dfsg-1+3

▶Ubuntusamba/samba< 2:4.1.6+dfsg-1ubuntu2.14.04.11+1

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.04, 15.10

🔴Vulnerability Details

GHSA

GHSA-f55c-cff2-h6j3: The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2↗2022-05-17

▶

OSV

samba regression↗2016-02-16

▶

OSV

samba vulnerabilities↗2016-01-05

▶

OSV

CVE-2015-5299: The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2↗2015-12-29

▶

📋Vendor Advisories

Ubuntu

Samba regression↗2016-02-16

▶

Ubuntu

Samba vulnerabilities↗2016-01-05

▶

Red Hat

Samba: Missing access control check in shadow copy code↗2015-12-16

▶

Debian

CVE-2015-5299: samba - The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in ...↗2015

▶

💬Community

Bugzilla

CVE-2015-5299 CVE-2015-7540 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 samba: various flaws [fedora-all]↗2015-12-16

▶

Bugzilla

CVE-2015-5299 Samba: Missing access control check in shadow copy code↗2015-10-28

▶