Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3789

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2008-3789
Last Modified 07 Mar 2011 10:11:24
Published 27 Aug 2008 04:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3789

Summary

Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.

Vulnerable Systems

Application

  • Samba 3.2.0


References

XF - samba-groupmapping-security-bypass(44678)

VUPEN - ADV-2008-2440

SECTRACK - 1020770

BID - 30837

MLIST - [oss-security] 20080826 CVE Request (samba)

SECUNIA - 31601

CONFIRM - http://samba.org/samba/security/CVE-2008-3789.html

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496073


Last Updated: 27 May 2016 10:48:18