CVE-2009-2813

N/A Unknown

Published: September 14, 2009 Modified: April 23, 2026

Description

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=126514298313071&w=2

Source: cve@mitre.org

http://news.samba.org/releases/3.0.37/

Source: cve@mitre.org

http://news.samba.org/releases/3.2.15/

Source: cve@mitre.org

http://news.samba.org/releases/3.3.8/

Source: cve@mitre.org

http://news.samba.org/releases/3.4.2/

Source: cve@mitre.org

http://osvdb.org/57955

Source: cve@mitre.org

http://secunia.com/advisories/36701

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/36893

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/36918

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/36937

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/36953

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/37428

Source: cve@mitre.org

Vendor Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1

Source: cve@mitre.org

http://support.apple.com/kb/HT3865

Source: cve@mitre.org

Vendor Advisory

http://wiki.rpath.com/Advisories:rPSA-2009-0145

Source: cve@mitre.org

http://www.samba.org/samba/security/CVE-2009-2813.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/507856/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/36363

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-839-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/2810

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/53174

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7211

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7257

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7791

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9191

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html