Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2019-10218 - log back

CVE-2019-10218 edited at 31 Oct 2019 09:18:40

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Arbitrary filesystem access

Description

+	An issue has been found in Samba before 4.10.10 where a malicious server can craft a pathname containing separators and return this to client code, causing the client to use this access local pathnames for reading or writing instead of SMB network pathnames.

References

+	https://www.samba.org/samba/security/CVE-2019-10218.html
+	https://www.samba.org/samba/ftp/patches/security/samba-4.10.9-security-2019-10-29.patch

Notes

CVE-2019-10218 created at 31 Oct 2019 09:09:18