CVE-2019-10197
- Source
- https://cve.org/CVERecord?id=CVE-2019-10197
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-10197.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-10197
- Downstream
- Related
- Published
- 2019-09-03T15:15:11.223Z
- Modified
- 2026-04-10T04:13:04.837322Z
- Severity
-
- 9.1 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00045.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56ZUXHGDHPM7S6RVAKULZT5EATS37OKA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z6EEKFT24DQI4DMZMSQTLMNZWG4RMZ57/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7NYIUZOCIDXWXGWMZ7O5Z7OJ6IX7EAB/
- https://support.f5.com/csp/article/K69511801
- https://support.f5.com/csp/article/K69511801?utm_source=f5support&%3Butm_medium=RSS
- https://www.debian.org/security/2019/dsa-4513
- https://access.redhat.com/errata/RHSA-2019:3253
- https://access.redhat.com/errata/RHSA-2019:4023
- https://security.gentoo.org/glsa/202003-52
- https://www.samba.org/samba/security/CVE-2019-10197.html
- https://usn.ubuntu.com/4121-1/
- https://seclists.org/bugtraq/2019/Sep/4
- https://security.netapp.com/advisory/ntap-20190903-0001/
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10197
Affected packages
Git / github.com/samba-team/samba
Affected ranges
- Type
- GIT
- Repo
- https://github.com/samba-team/samba
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "4.9.0" }, { "last_affected": "4.9.13" }, { "introduced": "4.10.0" }, { "last_affected": "4.10.8" }, { "introduced": "0" }, { "last_affected": "4.9.0-rc1" }, { "introduced": "0" }, { "last_affected": "4.9.0-rc2" }, { "introduced": "0" }, { "last_affected": "4.9.0-rc3" }, { "introduced": "0" }, { "last_affected": "4.9.0-rc4" }, { "introduced": "0" }, { "last_affected": "4.9.0-rc5" }, { "introduced": "0" }, { "last_affected": "4.10.0-rc1" }, { "introduced": "0" }, { "last_affected": "4.10.0-rc2" }, { "introduced": "0" }, { "last_affected": "4.10.0-rc3" }, { "introduced": "0" }, { "last_affected": "4.10.0-rc4" }, { "introduced": "0" }, { "last_affected": "4.11.0" }, { "introduced": "0" }, { "last_affected": "4.11.0-rc1" }, { "introduced": "0" }, { "last_affected": "4.11.0-rc2" }, { "introduced": "0" }, { "last_affected": "4.11.0-rc3" } ] }
Affected versions
ldb-1.*
ldb-1.1.0
ldb-1.1.10
ldb-1.1.11
ldb-1.1.12
ldb-1.1.13
ldb-1.1.14
ldb-1.1.15
ldb-1.1.16
ldb-1.1.17
ldb-1.1.18
ldb-1.1.19
ldb-1.1.2
ldb-1.1.20
ldb-1.1.21
ldb-1.1.22
ldb-1.1.23
ldb-1.1.25
ldb-1.1.26
ldb-1.1.27
ldb-1.1.28
ldb-1.1.29
ldb-1.1.3
ldb-1.1.30
ldb-1.1.31
ldb-1.1.4
ldb-1.1.5
ldb-1.1.6
ldb-1.1.8
ldb-1.1.9
ldb-1.2.0
ldb-1.2.1
ldb-1.2.2
ldb-1.3.0
ldb-1.3.1
ldb-1.3.2
ldb-1.4.0
ldb-1.4.1
ldb-1.4.2
ldb-1.4.3
ldb-1.4.4
ldb-1.4.5
ldb-1.4.6
ldb-1.4.7
ldb-1.5.0
ldb-1.5.1
ldb-1.5.2
ldb-1.5.3
ldb-1.5.4
ldb-1.5.5
ldb-1.6.1
ldb-1.6.2
ldb-1.6.3
ldb-2.*
ldb-2.0.5
ldb-2.0.6
ldb-2.0.7
samba-4.*
samba-4.0.0alpha10
samba-4.0.0alpha17
samba-4.0.0alpha18
samba-4.0.0alpha19
samba-4.0.0alpha20
samba-4.0.0alpha21
samba-4.0.0alpha6
samba-4.0.0alpha7
samba-4.0.0alpha8
samba-4.0.0alpha9
samba-4.0.0beta1
samba-4.0.0beta2
samba-4.0.0beta3
samba-4.0.0beta4
samba-4.0.0beta5
samba-4.0.0beta6
samba-4.0.0beta7
samba-4.0.0beta8
samba-4.0.0rc1
samba-4.10.0
samba-4.10.0rc1
samba-4.10.0rc2
samba-4.10.0rc3
samba-4.10.0rc4
samba-4.10.1
samba-4.10.6
samba-4.10.7
samba-4.10.8
samba-4.11.0
samba-4.11.0rc1
samba-4.11.0rc2
samba-4.11.0rc3
samba-4.11.0rc4
samba-4.2.0rc1
samba-4.3.0rc1
samba-4.4.0rc1
samba-4.5.0rc1
samba-4.6.0rc1
samba-4.7.0rc1
samba-4.8.0rc1
samba-4.9.0
samba-4.9.0rc1
samba-4.9.0rc2
samba-4.9.0rc3
samba-4.9.0rc4
samba-4.9.0rc5
samba-4.9.1
samba-4.9.10
samba-4.9.11
samba-4.9.12
samba-4.9.13
samba-4.9.2
samba-4.9.4
samba-4.9.5
samba-4.9.7
talloc-1.*
talloc-1.3.1
talloc-2.*
talloc-2.0.0
talloc-2.0.7
talloc-2.0.8
talloc-2.1.0
talloc-2.1.1
talloc-2.1.10
talloc-2.1.11
talloc-2.1.12
talloc-2.1.13
talloc-2.1.14
talloc-2.1.15
talloc-2.1.16
talloc-2.1.2
talloc-2.1.3
talloc-2.1.4
talloc-2.1.5
talloc-2.1.6
talloc-2.1.7
talloc-2.1.8
talloc-2.1.9
talloc-2.2.0
tdb-1.*
tdb-1.1.5
tdb-1.2.0
tdb-1.2.1
tdb-1.2.10
tdb-1.2.11
tdb-1.2.12
tdb-1.2.13
tdb-1.3.0
tdb-1.3.1
tdb-1.3.10
tdb-1.3.11
tdb-1.3.12
tdb-1.3.13
tdb-1.3.14
tdb-1.3.15
tdb-1.3.16
tdb-1.3.17
tdb-1.3.18
tdb-1.3.2
tdb-1.3.3
tdb-1.3.4
tdb-1.3.5
tdb-1.3.6
tdb-1.3.7
tdb-1.3.8
tdb-1.3.9
tdb-1.4.0
tdb-1.4.1
tevent-0.*
tevent-0.10.0
tevent-0.9.11
tevent-0.9.12
tevent-0.9.13
tevent-0.9.14
tevent-0.9.15
tevent-0.9.16
tevent-0.9.17
tevent-0.9.18
tevent-0.9.19
tevent-0.9.20
tevent-0.9.21
tevent-0.9.22
tevent-0.9.23
tevent-0.9.24
tevent-0.9.25
tevent-0.9.26
tevent-0.9.27
tevent-0.9.28
tevent-0.9.29
tevent-0.9.30
tevent-0.9.31
tevent-0.9.32
tevent-0.9.33
tevent-0.9.34
tevent-0.9.35
tevent-0.9.36
tevent-0.9.37
tevent-0.9.38
tevent-0.9.39
tevent-0.9.8