CVE-2021-31800 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Directory traversal |
| Description | Multiple path traversal vulnerabilities exist in smbserver.py in Impacket before version 0.9.23. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1916 | impacket | 0.9.22-1 | 0.9.23-1 | Medium | Fixed | FS#70714 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 21 Jul 2021 | ASA-202107-56 | AVG-1916 | impacket | Medium | directory traversal |
| References |
|---|
https://github.com/SecureAuthCorp/impacket/pull/1066 https://github.com/SecureAuthCorp/impacket/commit/99bd29e3995c254e2d6f6c2e3454e4271665955a |