CVE-2015-7560

moderate-risk

Published 2016-03-13

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

Do I need to act?

4.0% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (9)

Samba

Ubuntu Linux

Debian Linux

Samba

Affected Vendors

Debian Samba Canonical

References (38)

Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html

Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178764.html

Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180000.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00064.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00065.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00081.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00090.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00092.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html

Third Party Advisory http://www.debian.org/security/2016/dsa-3514

Third Party Advisory http://www.securityfocus.com/bid/84267

Third Party Advisory http://www.securitytracker.com/id/1035220

Third Party Advisory http://www.ubuntu.com/usn/USN-2922-1

Issue Tracking https://bugzilla.samba.org/show_bug.cgi?id=11648

Third Party Advisory https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c...

Vendor Advisory https://www.samba.org/samba/security/CVE-2015-7560.html

Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html

and 18 more references

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 7/34 · Low

Exposure 15/34 · Moderate