=========================================================== == Subject: Misconfigured /etc/passwd file may share folders unexpectedly == == CVE ID#: CVE-CVE-2009-2813 == == Versions: All versions of Samba later than 3.0.11 == == Summary: If a user in /etc/passwd is misconfigured to have == an empty home directory then connecting to the home == share of this user will use the root of the filesystem == as the home directory. =========================================================== =========== Description =========== If a user in /etc/passwd is misconfigured to have an empty home directory (::) and the automated [homes] share is enabled, or an explicit share is created with that username, then any client connecting to that share name will be able to access the whole filesystem from root (/) on downwards, subject to local file system permissions applied to the connecting user. ================== Patch Availability ================== Patches addressing both these issues have been posted to: http://www.samba.org/samba/security/ (Karolin: can you fill in this part?) ========== Workaround ========== Do not configure users in /etc/passwd with a blank home directory field. ======= Credits ======= Originally reported by J. David Hester of LCG Systems National Institutes of Health and forwarded to the Samba Team by Apple Computer Inc. Patches provided by Apple and Jeremy Allison of the Samba team. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ==========================================================
Created attachment 4748 [details] Samba 3.0.36 patch
Created attachment 4749 [details] Samba 3.2.14 path
Created attachment 4750 [details] Samba 3.3.7 patch
Created attachment 4751 [details] Samba 3.4.1 patch
All patches submitted for security fix. Jeremy.
Patch is included in 3.0.37, 3.2.15, 3.3.8 and 3.4.2. Patch for master/v3-5-test is missing. Jeremy, please push that one to master and v3-5-test also and close out the bug report after that. Thanks a lot!
Pushed to master and v3-5-test. Jeremy.