Search for vulnerabilities
Vulnerability details: VCID-8h42-pwx6-aaap
Vulnerability ID VCID-8h42-pwx6-aaap
Aliases CVE-2008-3789
Summary Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-732 Incorrect Permission Assignment for Critical Resource
System Score Found at
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00078 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.00858 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.0089 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.01098 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
epss 0.01098 https://api.first.org/data/v1/epss?cve=CVE-2008-3789
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=460150
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2008-3789
Reference id Reference type URL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496073
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3789.json
http://samba.org/samba/security/CVE-2008-3789.html
https://api.first.org/data/v1/epss?cve=CVE-2008-3789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789
http://secunia.com/advisories/31601
https://exchange.xforce.ibmcloud.com/vulnerabilities/44678
http://www.openwall.com/lists/oss-security/2008/08/26/2
http://www.securityfocus.com/bid/30837
http://www.securitytracker.com/id?1020770
http://www.vupen.com/english/advisories/2008/2440
460150 https://bugzilla.redhat.com/show_bug.cgi?id=460150
496073 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496073
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.2.0:*:*:*:*:*:*:*
CVE-2008-3789 https://nvd.nist.gov/vuln/detail/CVE-2008-3789
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-3789
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.34417
EPSS Score 0.00078
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.