Vulnerability Details : CVE-2015-5252
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.
Exploit prediction scoring system (EPSS) score for CVE-2015-5252
Probability of exploitation activity in the next 30 days: 1.27%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-5252
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
7.2
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N |
3.9
|
2.7
|
NIST |
CWE ids for CVE-2015-5252
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5252
-
https://security.gentoo.org/glsa/201612-47
Samba: Multiple vulnerabilities (GLSA 201612-47) — Gentoo securityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00017.html
[security-announce] SUSE-SU-2016:0164-1: important: Security update forMailing List;Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3433
Debian -- Security Information -- DSA-3433-1 sambaThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html
[security-announce] openSUSE-SU-2015:2354-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
[security-announce] openSUSE-SU-2016:1064-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
[SECURITY] Fedora 23 Update: samba-4.3.3-0.fc23Third Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993
HPSBUX03574 rev.1 - HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, UnauthorizThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html
[security-announce] SUSE-SU-2015:2304-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00046.html
[security-announce] SUSE-SU-2016:1105-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
[security-announce] openSUSE-SU-2015:2356-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html
[security-announce] SUSE-SU-2015:2305-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
[SECURITY] Fedora 22 Update: samba-4.2.7-0.fc22Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2855-2
USN-2855-2: Samba regression | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00002.html
[security-announce] SUSE-SU-2016:0032-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/79733
Samba CVE-2015-5252 Symlink VulnerabilityThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016Third Party Advisory
-
https://www.samba.org/samba/security/CVE-2015-5252.html
Samba - Security Announcement ArchiveExploit;Vendor Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Oracle Solaris Bulletin - January 2016Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
[security-announce] openSUSE-SU-2016:1106-1: important: Security updateMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1034493
Samba Multiple Flaws Let Remote Users Access Data and Files, Obtain Potentially Sensitive Information, and Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1290288
1290288 – (CVE-2015-5252) CVE-2015-5252 samba: Insufficient symlink verification in smbdIssue Tracking;Third Party Advisory
-
https://git.samba.org/?p=samba.git;a=commit;h=4278ef25f64d5fdbf432ff1534e275416ec9561e
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2855-1
USN-2855-1: Samba vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
[security-announce] openSUSE-SU-2016:1107-1: important: Security updateMailing List;Third Party Advisory
Products affected by CVE-2015-5252
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*