CVE-2019-3870

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 09-04-2019 06:29

Last modified: - 19-04-2022 05:34

Total changes: - 4

Description

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

None

Confidentiality

Low

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

6.1

Base score

1.8

4.2

Exploitability score

Impact score

Verification logic

vendor=samba AND product=samba AND versionStartIncluding=4.10.0 AND versionEndExcluding=4.10.2

vendor=samba AND product=samba AND versionStartIncluding=4.9.0 AND versionEndExcluding=4.9.6

vendor=fedoraproject AND product=fedora AND version=30

vendor=fedoraproject AND product=fedora AND version=29

vendor=synology AND product=directory_server AND version=-

vendor=synology AND product=diskstation_manager AND version=5.2

vendor=synology AND product=diskstation_manager AND version=6.1

vendor=synology AND product=diskstation_manager AND version=6.2

vendor=synology AND product=router_manager AND version=1.2

AND

vendor=synology AND product=skynas_firmware AND version=-

vendor=synology AND product=skynas AND version=-

AND

vendor=synology AND product=vs960hd_firmware AND versionEndExcluding=2.3.6-1720

vendor=synology AND product=vs960hd AND version=-

Reference

https://www.samba.org/samba/security/CVE-2019-3870.html
https://bugzilla.samba.org/show_bug.cgi?id=13834
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870
FEDORA-2019-cacf88eabf-Mailing List, Third Party Advisory
FEDORA-2019-db21b5f1d2-Mailing List, Third Party Advisory
https://www.synology.com/security/advisory/Synology_SA_19_15
https://support.f5.com/csp/article/K20804356

Keywords

CVE-2019-3870

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2019-3870

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures