CVE-2019-3870
published 2019-04-09


Priority: P427
Severity: medium (6.1, CVSS 3.1)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
EPSS: 0.55% (41.9th percentile)
A vulnerability was found in Samba from version 4.9 (inclusive) to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is, owner (root) only access. However, in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf and the list of DNS names and servicePrincipalName values to update.

Affected

19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | samba | < samba 2:4.9.5+dfsg-3 (bookworm) | samba 2:4.9.5+dfsg-3 (bookworm) |
| fedoraproject | fedora | | |
| fedoraproject | fedora | | |
| msrc | azl3_samba_4.18.3-1_on_azure_linux_3.0 | | |
| msrc | azure_linux_3.0_arm | | |
| msrc | azure_linux_3.0_x64 | | |
| samba | samba | >= 0 < 2:4.9.5+dfsg-3 | 2:4.9.5+dfsg-3 |
| samba | samba | >= 0 < 2:4.9.5+dfsg-3 | 2:4.9.5+dfsg-3 |
| samba | samba | >= 0 < 2:4.9.5+dfsg-3 | 2:4.9.5+dfsg-3 |
| samba | samba | >= 0 < 2:4.9.5+dfsg-3 | 2:4.9.5+dfsg-3 |
| samba | samba | >= 4.10.0 < 4.10.2 | 4.10.2 |
| samba | samba | >= 4.9.0 < 4.9.6 | 4.9.6 |
| synology | diskstation_manager | | |
| synology | diskstation_manager | | |
| synology | diskstation_manager | | |
| synology | router_manager | | |
| synology | vs960hd_firmware | < 2.3.6-1720 | 2.3.6-1720 |
| the_samba_project | samba | | |
| the_samba_project | samba | | |

CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H |
| nvd | v3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H |
| nvd | v2.0 | 3.6 | LOW | AV:L/AC:L/Au:N/C:N/I:P/A:P |
| osv | | 6.1 | MEDIUM | |
| vendor_debian | | 6.1 | MEDIUM | |
| vendor_msrc | | 6.1 | MEDIUM | |
| vendor_redhat | | 6.1 | MEDIUM | |