Cryptographic issues in samba (Alpine package)

Published: 2013-11-14

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2013-4476
CWE-ID	CWE-310
Exploitation vector	Local
Public exploit	N/A
Vulnerable software	samba (Alpine package) Operating systems & Components / Operating system package or component
Vendor	Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Cryptographic issues

EUVDB-ID: #VU32623

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2013-4476

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.

Mitigation

Install update from vendor's website.

Vulnerable software versions

samba (Alpine package): 3.6.13-r0 - 3.6.19-r1

CPE2.3

External links

https://git.alpinelinux.org/aports/commit/?id=145836360ec3811eac5629311303d891a9088ce4
https://git.alpinelinux.org/aports/commit/?id=facd113ce1db85be7279f8170bbc8f8857372575
https://git.alpinelinux.org/aports/commit/?id=ce1d3eb25cf80502fc9c9b6604f7efb372ff2ac8
https://git.alpinelinux.org/aports/commit/?id=d8fa59f0ddf835f8d9c7c0b2b45a1a626c8898c6

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.