CVE-2017-2619

HIGH

Samba < 4.4.12 - Symlink Race Condition

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-2619. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a race condition in Samba 4.5.2 where an attacker can replace path components with symlinks to access files outside the configured share directory. The PoC involves a race between renaming a symlink and accessing a file, potentially leaking sensitive data.

Description

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textremotemultiple

https://www.exploit-db.com/exploits/41740

View Code ZIP pw:eip

This exploit demonstrates a race condition in Samba 4.5.2 where an attacker can replace path components with symlinks to access files outside the configured share directory. The PoC involves a race between renaming a symlink and accessing a file, potentially leaking sensitive data.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Complex

Reliability

Racy

Target: Samba 4.5.2

No auth needed

Prerequisites: Samba 4.5.2 server with a share configured · Write access to the share directory · Network access to the Samba server

MITRE ATT&CK