CVE-2019-3880: Path Traversal
First published: Thu Mar 21 2019(Updated: )
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/samba | <4.8.11 | 4.8.11 |
| redhat/samba | <4.9.6 | 4.9.6 |
| redhat/samba | <4.10.2 | 4.10.2 |
| Samba Samba | >=3.2.0<4.8.11 | |
| Samba Samba | >=4.9.0<4.9.6 | |
| Samba Samba | >=4.10.0<4.10.2 | |
| Debian Debian Linux | =8.0 | |
| Redhat Gluster Storage | =3.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Fedoraproject Fedora | =28 | |
| Fedoraproject Fedora | =29 | |
| Fedoraproject Fedora | =30 | |
| openSUSE Leap | =42.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00050.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00106.html
- https://access.redhat.com/errata/RHSA-2019:1966
- https://access.redhat.com/errata/RHSA-2019:1967
- https://access.redhat.com/errata/RHSA-2019:2099
- https://access.redhat.com/errata/RHSA-2019:3582
- https://access.redhat.com/security/cve/cve-2019-3880
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3880
- https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/
- https://security.netapp.com/advisory/ntap-20190411-0004/
- https://support.f5.com/csp/article/K20804356
- https://www.samba.org/samba/security/CVE-2019-3880.html
- https://www.synology.com/security/advisory/Synology_SA_19_15
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1697717
- https://bugzilla.redhat.com/show_bug.cgi?id=1691518
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4/
Frequently Asked Questions
What is CVE-2019-3880?
CVE-2019-3880 is a vulnerability in Samba that allows an unprivileged attacker to create a new registry hive file anywhere they have Unix permissions.
How does CVE-2019-3880 impact Samba?
CVE-2019-3880 allows an attacker to create a new file in the Samba share.
What is the severity of CVE-2019-3880?
The severity of CVE-2019-3880 is medium with a CVSS score of 5.4.
Which versions of Samba are affected by CVE-2019-3880?
Samba versions before 4.8.11, 4.9.6, and 4.10.2 are affected by CVE-2019-3880.
How can I fix CVE-2019-3880 in Samba?
To fix CVE-2019-3880, you should update Samba to version 4.8.11, 4.9.6, or 4.10.2.
- collector/nvd-index
- agent/references
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-3880
- agent/software-canonical-lookup
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/samba
- canonical/samba samba
- version/samba samba/3.2.0
- version/samba samba/4.9.0
- version/samba samba/4.10.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- vendor/redhat
- canonical/redhat gluster storage
- version/redhat gluster storage/3.0
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/28
- version/fedoraproject fedora/29
- version/fedoraproject fedora/30
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/42.3
- package-manager/redhat