Vigil@nce - Samba: file creation in mode 0777
April 2013 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When the administrator adds a new CIFS share on the Samba domain
controller, files are created with the default mask of 0777.
Impacted products: Samba
Severity: 2/4
Creation date: 19/03/2013
DESCRIPTION OF THE VULNERABILITY
The Samba 4 product can be configured as an Active Directory
Domain Controller.
The "create mask" configuration directive sets the default Unix
permission mask applied to newly created files.
However, when a share is added to the AD, its "create mask" (or
"directory mask") option is set to 0777. Some files can then be
created world-readable and world-writable.
When the administrator adds a new CIFS share on the Samba domain
controller, files are therefore created with the default mask of
0777.
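
An added example, not part of the Vigil@nce bulletin or of Samba: a small smb.conf audit that reports shares whose effective "create mask" or "directory mask" still allows the world-write bit. The sample configuration is constructed, and `assumed_default` (the value used when neither the share nor [global] sets the directive) is an assumption, set to 0777 to model the behaviour described above; line continuations and include files are not handled.

```python
import re

# Spellings of the two directives named in the bulletin (spaces and case removed)
ALIASES = {"createmask": "create mask", "createmode": "create mask",
           "directorymask": "directory mask", "directorymode": "directory mask"}

def parse_masks(conf_text):
    """Return {section: {directive: mode}} for the two mask directives only."""
    sections, current = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # Samba ignores case and embedded spaces in parameter names
        name = ALIASES.get(re.sub(r"\s+", "", key).lower())
        if name:
            try:
                sections[current][name] = int(value.strip(), 8)
            except ValueError:
                pass                          # not an octal literal: skip
    return sections

def audit(conf_text, assumed_default=0o777):
    """List (share, directive, mode) whose effective mask keeps world-write.

    Effective value: the share's own, else [global], else assumed_default."""
    sections = parse_masks(conf_text)
    inherited = sections.get("global", {})
    findings = []
    for share, opts in sections.items():
        for directive in ("create mask", "directory mask"):
            mode = opts.get(directive, inherited.get(directive, assumed_default))
            if share != "global" and mode & 0o002:
                findings.append((share, directive, f"{mode:04o}"))
    return findings

# Constructed sample configuration (share names and paths are made up)
SAMPLE = ("[global]\nserver role = active directory domain controller\n"
          "[sysvol]\npath = /var/lib/samba/sysvol\n"
          "[projects]\nCreate Mask = 0660\ndirectory mode = 0770\n"
          "[scratch]\ncreate mask = 0777\n")
if __name__ == "__main__":
    print(audit(SAMPLE))
```

Setting both directives explicitly per share, as the constructed [projects] share does, removes it from the findings regardless of the default in effect.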
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Samba-file-creation-in-mode-0777-12542