CVE-2017-2619

Updated: 2024-07-03 16:25:49.321343

Description:

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS samba 3.6.23 7.5 HIGH Already Fixed 2024-07-11 11:21:49
CentOS 7 ELS samba 4.10.16 7.5 HIGH Already Fixed 2024-07-08 11:21:18
CentOS 8.4 ELS samba 4.13.3-5 7.5 HIGH Already Fixed 2024-07-11 11:21:49
CentOS 8.5 ELS samba 4.14.5-7 7.5 HIGH Already Fixed 2024-07-11 11:21:50
CentOS Stream 8 ELS samba 4.19.4 7.5 HIGH Already Fixed 2024-07-11 11:21:49
CloudLinux 6 ELS samba 3.6.23 7.5 HIGH Already Fixed 2024-07-11 11:21:49
Oracle Linux 6 ELS samba 3.6.23 7.5 HIGH Not Vulnerable 2024-07-11 11:21:50
Ubuntu 16.04 ELS samba 4.3.11 7.5 HIGH Not Vulnerable 2024-07-11 11:21:50
Ubuntu 18.04 ELS samba 4.7.6 7.5 HIGH Already Fixed 2024-07-11 11:21:50