- Vulnerability/
- USN-4121-1
USN-4121-1: Samba vulnerability
First published: Tue Sep 03 2019(Updated: )
Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/samba | <2:4.10.0+dfsg-0ubuntu2.4 | 2:4.10.0+dfsg-0ubuntu2.4 |
| Ubuntu OpenSSH Client | =19.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of USN-4121-1?
The severity of USN-4121-1 is considered to be high due to potential unauthorized access to sensitive files.
How do I fix USN-4121-1?
To fix USN-4121-1, update the Samba package to the patched version 2:4.10.0+dfsg-0ubuntu2.4 or later.
What vulnerabilities are addressed in USN-4121-1?
USN-4121-1 addresses a directory traversal vulnerability in the Samba SMB server.
Who discovered the vulnerability in USN-4121-1?
The vulnerability in USN-4121-1 was discovered by Stefan Metzmacher.
What versions of Ubuntu are affected by USN-4121-1?
USN-4121-1 affects Ubuntu 19.04 with Samba version before 2:4.10.0+dfsg-0ubuntu2.4.
- agent/severity
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/title
- agent/description
- agent/references
- agent/trending
- agent/source
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu openssh client
- version/ubuntu openssh client/19.04