Home CVE Database CVE-2015-7560



The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

Priority: Medium
CVSS v3: 6.5
Publish Date: Mar 13, 2016
Related ID: --
CVSS v2: Medium
Modified Date: Mar 22, 2016

Find out more about CVE-2015-7560 from the MITRE-CVE dictionary and NIST NVD

Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --



Live chat