Update Protection against Samba Root File System Access Security Bypass Vulnerability
| Check Point Reference: | CPAI-2009-017 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA33379 | |
| Industry Reference(s): | CVE-2009-0022 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Samba Team Samba 3.2.0 to 3.2.6 | ||
| Vulnerability Description A security bypass vulnerability was reported in Samba, a popular open source implementation of the SMB/CIFS file sharing protocol. The vulnerability is due to a design weakness in the root file system. Remote attackers can leverage the vulnerability to gain read-only access to the local file system in the security context of the Samba service. |
||
|
Update/Patch Available Update to version 3.2.7 or apply patch: http://us6.samba.org/samba/ftp/stable/samba-3.2.7.tar.gz http://us1.samba.org/samba/ftp/patches/security/samba-3.2.6-CVE-2009-0022.patch |
|
|
Vulnerability Details The design flaw is in the access to the root file system. Access is granted to authenticated users that connect to a share with an empty string as name. The vulnerable code acknowledges the empty share name as valid while the proper behavior is to reject such a request. Successful exploitation requires that "registry shares" is enabled. |
Protection Overview
By enabling this protection, IPS-1 will detect and block attempts by unauthenticated users to access the Samba root.
To configure the defense, select your product from the list below and follow the related protection steps.