Main Vulnerability Database SB2020111016

SB2020111016 - Permissions, Privileges, and Access Controls in samba (Alpine package)

Published: November 10, 2020

Security Bulletin ID SB2020111016

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-14318)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to the way "ChangeNotify" concept for SMB1/2/3 protocols was implemented in Samba. A missing permissions check on a directory handle requesting ChangeNotify means that a client with a directory handle open only for FILE_READ_ATTRIBUTES (minimal access rights) could be used to obtain change notify replies from the server. These replies contain information that should not be available to directory handles open for FILE_READ_ATTRIBUTE only. A local unprivileged user can abuse this lack of permissions check to obtain information about file changes.

Remediation

Install update from vendor's website.

References

https://git.alpinelinux.org/aports/commit/?id=e12a311820b84de80d45c9e31a24316d7c3acdcb