Search for vulnerabilities
Vulnerability ID | VCID-qke4-2rw4-aaak |
Aliases |
CVE-2013-4475
|
Summary | Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS). |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 8.0 |
Risk | 4.0 |
Affected and Fixed Packages | Package Details |
Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
Percentile | 0.74435 |
EPSS Score | 0.00412 |
Published At | Nov. 1, 2024, midnight |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
There are no relevant records. |