CVE-2017-2619
Public on 2017-05-30
Modified on 2017-05-31
Description
A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | samba | 2017-05-30 | ALAS-2017-834 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.9 | CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L |
| NVD | CVSSv3 | 7.5 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| NVD | CVSSv2 | 6.0 | AV:N/AC:M/Au:S/C:P/I:P/A:P |