← Zuruck zu CVEs
CVE-2013-4476
N/ABeschreibung
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht11/13/2013
Zuletzt geandert4/29/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
samba:samba
Schwachen (CWE)
CWE-310
Referenzen
http://lists.opensuse.org/opensuse-updates/2013-11/msg00083.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00088.html(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-201502-15.xml(secalert@redhat.com)
http://www.samba.org/samba/history/samba-4.0.11.html(secalert@redhat.com)
http://www.samba.org/samba/history/samba-4.1.1.html(secalert@redhat.com)
http://www.samba.org/samba/security/CVE-2013-4476(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2013-11/msg00083.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00088.html(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201502-15.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.samba.org/samba/history/samba-4.0.11.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.samba.org/samba/history/samba-4.1.1.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.samba.org/samba/security/CVE-2013-4476(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.