CVE-2023-3961

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-3961
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3961.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-3961
Related
Published
2023-11-03T13:15:08Z
Modified
2024-09-16T16:52:47.577135Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.

References

Affected packages

Alpine:v3.18 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.8-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.3-r0
4.15.3-r1
4.15.5-r0
4.15.5-r1
4.15.6-r0
4.15.7-r0
4.15.7-r1
4.15.9-r0
4.16.4-r0
4.16.6-r0
4.16.7-r0
4.16.7-r1
4.16.8-r0
4.16.8-r1
4.17.4-r0
4.17.4-r1
4.17.5-r0
4.17.5-r1
4.18.0-r0
4.18.1-r0
4.18.1-r1
4.18.2-r0
4.18.3-r0
4.18.4-r0
4.18.5-r0
4.18.6-r0
4.18.7-r0

Alpine:v3.19 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.8-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.3-r0
4.15.3-r1
4.15.5-r0
4.15.5-r1
4.15.6-r0
4.15.7-r0
4.15.7-r1
4.15.9-r0
4.16.4-r0
4.16.6-r0
4.16.7-r0
4.16.7-r1
4.16.8-r0
4.16.8-r1
4.17.4-r0
4.17.4-r1
4.17.5-r0
4.17.5-r1
4.18.0-r0
4.18.1-r0
4.18.1-r1
4.18.2-r0
4.18.3-r0
4.18.3-r1
4.18.4-r0
4.18.5-r0
4.18.5-r1
4.18.6-r0
4.18.7-r0

Alpine:v3.20 / samba

Package

Name
samba
Purl
pkg:apk/alpine/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.8-r0

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.10-r0
3.2.11-r0
3.2.11-r1
3.3.4-r0
3.3.5-r0
3.3.5-r1
3.3.5-r2
3.3.6-r0
3.3.7-r0
3.3.7-r1
3.3.7-r2
3.3.7-r3
3.3.7-r4
3.3.8-r0
3.4.3-r0
3.4.3-r1
3.4.4-r0
3.4.5-r0
3.4.5-r1
3.4.7-r0
3.4.7-r1
3.5.2-r0
3.5.3-r0
3.5.4-r0
3.5.4-r1
3.5.5-r0
3.5.6-r0
3.5.6-r1
3.5.6-r2
3.5.6-r3
3.5.6-r4
3.5.7-r0
3.5.8-r0
3.5.9-r0
3.5.9-r1
3.5.10-r0
3.5.11-r0
3.6.1-r0
3.6.1-r1
3.6.1-r2
3.6.2-r0
3.6.3-r0
3.6.4-r0
3.6.4-r1
3.6.5-r0
3.6.6-r0
3.6.7-r0
3.6.7-r1
3.6.8-r0
3.6.8-r1
3.6.9-r0
3.6.10-r0
3.6.11-r0
3.6.12-r0
3.6.13-r0
3.6.13-r1
3.6.15-r0
3.6.16-r0
3.6.19-r0
3.6.19-r1

4.*

4.1.0-r1
4.1.0-r2
4.1.1-r0
4.1.2-r0
4.1.3-r0
4.1.3-r1
4.1.3-r2
4.1.4-r0
4.1.5-r0
4.1.5-r1
4.1.6-r0
4.1.7-r0
4.1.8-r0
4.1.9-r0
4.1.10-r0
4.1.11-r0
4.1.12-r0
4.1.13-r0
4.1.14-r0
4.1.14-r1
4.1.15-r0
4.1.16-r0
4.1.17-r0
4.2.0-r0
4.2.0-r1
4.2.1-r0
4.2.1-r1
4.2.1-r2
4.2.3-r0
4.2.3-r1
4.2.3-r2
4.2.3-r3
4.2.7-r0
4.2.9-r0
4.2.9-r1
4.4.2-r0
4.4.2-r1
4.4.3-r0
4.4.4-r0
4.4.5-r0
4.4.5-r1
4.5.1-r0
4.5.3-r0
4.5.3-r1
4.5.4-r0
4.6.0-r0
4.6.1-r0
4.6.1-r1
4.6.1-r2
4.6.4-r0
4.6.5-r0
4.6.6-r0
4.6.6-r1
4.7.0-r0
4.7.0-r1
4.7.0-r2
4.7.1-r0
4.7.2-r0
4.7.3-r0
4.7.4-r0
4.7.6-r0
4.8.0-r0
4.8.1-r0
4.8.2-r0
4.8.2-r1
4.8.4-r0
4.8.4-r1
4.8.5-r0
4.8.7-r0
4.8.8-r0
4.8.11-r0
4.8.11-r1
4.10.2-r0
4.10.3-r0
4.10.4-r0
4.10.4-r1
4.10.5-r0
4.10.6-r0
4.10.8-r0
4.10.8-r1
4.11.1-r0
4.11.2-r0
4.11.2-r1
4.11.2-r2
4.11.3-r0
4.11.4-r0
4.11.4-r1
4.11.5-r0
4.11.6-r0
4.12.0-r0
4.12.1-r0
4.12.2-r0
4.12.2-r1
4.12.2-r2
4.12.5-r0
4.12.6-r0
4.12.7-r0
4.12.8-r0
4.12.9-r0
4.13.2-r0
4.13.2-r1
4.13.3-r0
4.13.3-r1
4.13.3-r2
4.13.5-r0
4.14.2-r0
4.14.2-r1
4.14.4-r0
4.14.5-r0
4.14.6-r0
4.14.6-r1
4.15.0-r0
4.15.1-r0
4.15.1-r1
4.15.2-r0
4.15.3-r0
4.15.3-r1
4.15.5-r0
4.15.5-r1
4.15.6-r0
4.15.7-r0
4.15.7-r1
4.15.9-r0
4.16.4-r0
4.16.6-r0
4.16.7-r0
4.16.7-r1
4.16.8-r0
4.16.8-r1
4.17.4-r0
4.17.4-r1
4.17.5-r0
4.17.5-r1
4.18.0-r0
4.18.1-r0
4.18.1-r1
4.18.2-r0
4.18.3-r0
4.18.3-r1
4.18.4-r0
4.18.5-r0
4.18.5-r1
4.18.6-r0
4.18.7-r0

Debian:12 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.17.12+dfsg-0+deb12u1

Affected versions

2:4.*

2:4.17.8+dfsg-2
2:4.17.9+dfsg-0+deb12u1
2:4.17.9+dfsg-0+deb12u2
2:4.17.9+dfsg-0+deb12u3~bpo11+1
2:4.17.9+dfsg-0+deb12u3
2:4.17.10+dfsg-0+deb12u1~bpo11+1
2:4.17.10+dfsg-0+deb12u1
2:4.17.11+dfsg-0+deb12u1
2:4.17.12+dfsg-0+deb12u1~bpo11+1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name
samba
Purl
pkg:deb/debian/samba?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:4.19.1+dfsg-1

Affected versions

2:4.*

2:4.17.8+dfsg-2
2:4.18.0~rc1+dfsg-1exp
2:4.18.0~rc2+dfsg-1
2:4.18.0~rc3+dfsg-1
2:4.18.0~rc4+dfsg-1
2:4.18.0+dfsg-1~exp1
2:4.18.1+dfsg-1~exp1
2:4.18.2+dfsg-1
2:4.18.3+dfsg-1
2:4.18.3+dfsg-2
2:4.18.3+dfsg-3
2:4.18.4+dfsg-1
2:4.18.4+dfsg-2~bpo12+1
2:4.18.4+dfsg-2
2:4.18.5+dfsg-1
2:4.18.5+dfsg-2~bpo12+1
2:4.18.5+dfsg-2
2:4.18.6+dfsg-1~bpo12+1
2:4.18.6+dfsg-1
2:4.18.8+dfsg-1~bpo12+1
2:4.19.0~rc1+dfsg-1
2:4.19.0~rc1+dfsg-2
2:4.19.0~rc1+dfsg-3
2:4.19.0~rc2+dfsg-1
2:4.19.0~rc4+dfsg-1
2:4.19.0~rc4+dfsg-2
2:4.19.0+dfsg-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type
GIT
Repo
https://github.com/samba-team/samba
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7ec207cd4146919e4ee88e5522647c169baf6922

Affected versions

ldb-1.*

ldb-1.1.0
ldb-1.1.10
ldb-1.1.11
ldb-1.1.12
ldb-1.1.13
ldb-1.1.14
ldb-1.1.15
ldb-1.1.16
ldb-1.1.17
ldb-1.1.18
ldb-1.1.19
ldb-1.1.2
ldb-1.1.20
ldb-1.1.21
ldb-1.1.22
ldb-1.1.23
ldb-1.1.24
ldb-1.1.25
ldb-1.1.26
ldb-1.1.27
ldb-1.1.28
ldb-1.1.29
ldb-1.1.3
ldb-1.1.30
ldb-1.1.31
ldb-1.1.4
ldb-1.1.5
ldb-1.1.6
ldb-1.1.8
ldb-1.1.9
ldb-1.2.0
ldb-1.2.1
ldb-1.2.2
ldb-1.3.0
ldb-1.3.1
ldb-1.3.2
ldb-1.4.0
ldb-1.4.1
ldb-1.5.0
ldb-1.5.1
ldb-1.5.2
ldb-1.6.1
ldb-1.6.2
ldb-1.6.3

ldb-2.*

ldb-2.0.5
ldb-2.1.0
ldb-2.1.1
ldb-2.2.0
ldb-2.4.0
ldb-2.5.0
ldb-2.6.0
ldb-2.6.1
ldb-2.6.2

samba-4.*

samba-4.0.0alpha10
samba-4.0.0alpha11
samba-4.0.0alpha13
samba-4.0.0alpha14
samba-4.0.0alpha15
samba-4.0.0alpha16
samba-4.0.0alpha17
samba-4.0.0alpha18
samba-4.0.0alpha19
samba-4.0.0alpha20
samba-4.0.0alpha21
samba-4.0.0alpha6
samba-4.0.0alpha7
samba-4.0.0alpha8
samba-4.0.0alpha9
samba-4.0.0beta1
samba-4.0.0beta2
samba-4.0.0beta3
samba-4.0.0beta4
samba-4.0.0beta5
samba-4.0.0beta6
samba-4.0.0beta7
samba-4.0.0beta8
samba-4.0.0rc1
samba-4.10.0rc1
samba-4.11.0rc1
samba-4.12.0rc1
samba-4.13.0rc1
samba-4.14.0rc1
samba-4.15.0rc1
samba-4.16.0rc1
samba-4.17.0
samba-4.17.0rc1
samba-4.17.0rc2
samba-4.17.0rc3
samba-4.17.0rc4
samba-4.17.0rc5
samba-4.17.1
samba-4.17.10
samba-4.17.11
samba-4.17.2
samba-4.17.3
samba-4.17.4
samba-4.17.5
samba-4.17.6
samba-4.17.7
samba-4.17.8
samba-4.17.9
samba-4.2.0rc1
samba-4.3.0rc1
samba-4.4.0rc1
samba-4.5.0rc1
samba-4.6.0rc1
samba-4.7.0rc1
samba-4.8.0rc1
samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0
talloc-2.0.1
talloc-2.0.7
talloc-2.0.8
talloc-2.1.0
talloc-2.1.1
talloc-2.1.10
talloc-2.1.11
talloc-2.1.12
talloc-2.1.13
talloc-2.1.14
talloc-2.1.15
talloc-2.1.16
talloc-2.1.2
talloc-2.1.3
talloc-2.1.4
talloc-2.1.5
talloc-2.1.6
talloc-2.1.7
talloc-2.1.8
talloc-2.1.9
talloc-2.2.0
talloc-2.3.0
talloc-2.3.1
talloc-2.3.2
talloc-2.3.3
talloc-2.3.4

tdb-1.*

tdb-1.1.5
tdb-1.2.0
tdb-1.2.1
tdb-1.2.10
tdb-1.2.11
tdb-1.2.12
tdb-1.2.13
tdb-1.3.0
tdb-1.3.1
tdb-1.3.10
tdb-1.3.11
tdb-1.3.12
tdb-1.3.13
tdb-1.3.14
tdb-1.3.15
tdb-1.3.16
tdb-1.3.17
tdb-1.3.18
tdb-1.3.2
tdb-1.3.3
tdb-1.3.4
tdb-1.3.5
tdb-1.3.6
tdb-1.3.7
tdb-1.3.8
tdb-1.3.9
tdb-1.4.0
tdb-1.4.1
tdb-1.4.2
tdb-1.4.3
tdb-1.4.4
tdb-1.4.5
tdb-1.4.6
tdb-1.4.7

tevent-0.*

tevent-0.10.0
tevent-0.10.1
tevent-0.10.2
tevent-0.11.0
tevent-0.12.0
tevent-0.12.1
tevent-0.13.0
tevent-0.9.11
tevent-0.9.12
tevent-0.9.13
tevent-0.9.14
tevent-0.9.15
tevent-0.9.16
tevent-0.9.17
tevent-0.9.18
tevent-0.9.19
tevent-0.9.20
tevent-0.9.21
tevent-0.9.22
tevent-0.9.23
tevent-0.9.24
tevent-0.9.25
tevent-0.9.26
tevent-0.9.27
tevent-0.9.28
tevent-0.9.29
tevent-0.9.30
tevent-0.9.31
tevent-0.9.32
tevent-0.9.33
tevent-0.9.34
tevent-0.9.35
tevent-0.9.36
tevent-0.9.37
tevent-0.9.38
tevent-0.9.39
tevent-0.9.8