CVE-2009-1888 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 89%

Vendor	Product	Version
samba	samba	3.0.31 ≤ 𝑥 ≤ 3.0.35
samba	samba	3.2.0 ≤ 𝑥 < 3.2.13
samba	samba	3.3.0 ≤ 𝑥 < 3.3.6
debian	debian_linux	4.0
debian	debian_linux	5.0
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	8.04
canonical	ubuntu_linux	8.10
canonical	ubuntu_linux	9.04

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

samba

bullseye (security)	2:4.13.13+dfsg-1~deb11u6 fixed
bullseye	2:4.13.13+dfsg-1~deb11u6 fixed
etch	not-affected
bookworm	2:4.17.12+dfsg-0+deb12u1 fixed
bookworm (security)	2:4.17.12+dfsg-0+deb12u1 fixed
sid	2:4.21.1+dfsg-2 fixed
trixie	2:4.21.1+dfsg-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

samba

jaunty	Fixed 2:3.3.2-1ubuntu3.2 released
intrepid	Fixed 2:3.2.3-1ubuntu3.6 released
hardy	not-affected
dapper	not-affected

Known Exploits!

Common Weakness Enumeration

CWE-264 -

References

http://secunia.com/advisories/35539

http://secunia.com/advisories/35573

http://secunia.com/advisories/35606

http://secunia.com/advisories/36918

http://wiki.rpath.com/Advisories:rPSA-2009-0145

http://www.debian.org/security/2009/dsa-1823

http://www.mandriva.com/security/advisories?name=MDVSA-2009:196

http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch

http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch

http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch

http://www.samba.org/samba/security/CVE-2009-1888.html

http://www.securityfocus.com/archive/1/507856/100/0/threaded

http://www.securityfocus.com/bid/35472

http://www.securitytracker.com/id?1022442

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591

http://www.ubuntu.com/usn/USN-839-1

http://www.vupen.com/english/advisories/2009/1664

https://exchange.xforce.ibmcloud.com/vulnerabilities/51327

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292

http://secunia.com/advisories/35539

http://secunia.com/advisories/35573

http://secunia.com/advisories/35606

http://secunia.com/advisories/36918

http://wiki.rpath.com/Advisories:rPSA-2009-0145

http://www.debian.org/security/2009/dsa-1823

http://www.mandriva.com/security/advisories?name=MDVSA-2009:196

http://www.samba.org/samba/ftp/patches/security/samba-3.0.34-CVE-2009-1888.patch

http://www.samba.org/samba/ftp/patches/security/samba-3.2.12-CVE-2009-1888.patch

http://www.samba.org/samba/ftp/patches/security/samba-3.3.5-CVE-2009-1888.patch

http://www.samba.org/samba/security/CVE-2009-1888.html

http://www.securityfocus.com/archive/1/507856/100/0/threaded

http://www.securityfocus.com/bid/35472

http://www.securitytracker.com/id?1022442

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.521591

http://www.ubuntu.com/usn/USN-839-1

http://www.vupen.com/english/advisories/2009/1664

https://exchange.xforce.ibmcloud.com/vulnerabilities/51327

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10790

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7292