Home CVE Database CVE-2015-5252

CVE-2015-5252

Description

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.

Priority: Medium
CVSS v3: 7.2
Publish Date: Dec 29, 2015
Related ID: --
CVSS v2: High
Modified Date: Dec 30, 2015

Find out more about CVE-2015-5252 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

samba

Live chat
Online