CVE Vulnerabilities

CVE-2013-1863

Published: Mar 19, 2013 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
RedHat/V2
3.6 MODERATE
AV:N/AC:H/Au:S/C:P/I:P/A:N
RedHat/V3
Ubuntu
HIGH
root.io minimus.io echohq.com

Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.

Affected Software

Name Vendor Start Version End Version
Samba Samba 4.0.0 (including) 4.0.0 (including)
Samba Samba 4.0.1 (including) 4.0.1 (including)
Samba Samba 4.0.2 (including) 4.0.2 (including)
Samba Samba 4.0.3 (including) 4.0.3 (including)
Samba4 Ubuntu lucid *
Samba4 Ubuntu oneiric *
Samba4 Ubuntu precise *
Samba4 Ubuntu quantal *
Samba4 Ubuntu raring *
Samba4 Ubuntu saucy *
Samba4 Ubuntu upstream *

References