[Bug 1185717] New: VUL-0: CVE-2021-31800: python-impacket: Multiple path traversal vulnerabilities in smbserver.py
http://bugzilla.opensuse.org/show_bug.cgi?id=1185717

Bug ID: 1185717
Summary: VUL-0: CVE-2021-31800: python-impacket: Multiple path traversal vulnerabilities in smbserver.py
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.2
Hardware: Other
URL: https://smash.suse.de/issue/283508/
OS: Other
Status: NEW
Severity: Critical
Priority: P5 - None
Component: Network
Assignee: mardnh@gmx.de
Reporter: gianluca.gabrielli@suse.com
QA Contact: security-team@suse.de
Found By: Security Response Team
Blocker: ---

CVE-2021-31800

Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.

References:
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
https://github.com/SecureAuthCorp/impacket/releases
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
https://github.com/SecureAuthCorp/impacket/commit/49c643bf66620646884ed141c9...
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1957426
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31800
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
https://github.com/SecureAuthCorp/impacket/commit/49c643bf66620646884ed141c9...
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31800
https://github.com/SecureAuthCorp/impacket/blob/cb6d43a677c338db930bc4e91616...
https://github.com/SecureAuthCorp/impacket/releases

--
You are receiving this mail because:
You are on the CC list for the bug.
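A share-root containment check for the ../ traversal described in the report, shown next to the unchecked join it replaces. This is an added example, not Impacket's code or its upstream fix; the function names, the sample file names and the temporary share layout are constructed for illustration.

```python
import os
import tempfile

def naive_share_path(share_root, client_name):
    """Traversal-prone pattern: join the client-supplied name without checking it."""
    name = client_name.replace("\\", "/").lstrip("/")
    return os.path.normpath(os.path.join(share_root, name))

def jailed_share_path(share_root, client_name):
    """Resolve the name and refuse anything that lands outside the share root."""
    if "\x00" in client_name:
        raise PermissionError("NUL byte in file name")
    # SMB clients send backslash-separated names relative to the share.
    name = client_name.replace("\\", "/").lstrip("/")
    root = os.path.realpath(share_root)
    candidate = os.path.realpath(os.path.join(root, name))  # follows symlinks
    # commonpath compares whole components; a plain string-prefix test would
    # wrongly accept a sibling directory such as <root>2.
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError("path escapes share root: %r" % client_name)
    return candidate

# Constructed sample names, as a client might send them in an open/create request.
SAMPLES = ["docs\\report.txt", "docs\\..\\docs\\a.txt", "..\\..\\etc\\shadow",
           "../share2/x", "link\\share2\\x"]

def demo():
    results = {}
    with tempfile.TemporaryDirectory() as base:
        share = os.path.join(base, "share")
        os.makedirs(os.path.join(share, "docs"))
        os.makedirs(os.path.join(base, "share2"))      # sibling with a shared name prefix
        os.symlink(base, os.path.join(share, "link"))  # symlink leading out of the share
        for name in SAMPLES:
            try:
                jailed_share_path(share, name)
                results[name] = "allowed"
            except PermissionError:
                results[name] = "blocked"
        escaped = naive_share_path(share, "..\\..\\etc\\shadow")
        results["naive_escapes"] = not escaped.startswith(share + os.sep)
    return results

if __name__ == "__main__":
    for name, verdict in demo().items():
        print("%-24s %s" % (name, verdict))
```

The check and the later open are separate steps, so a share whose contents can change between them still needs the open itself to be race-safe.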
http://bugzilla.opensuse.org/show_bug.cgi?id=1185717
http://bugzilla.opensuse.org/show_bug.cgi?id=1185717#c1
--- Comment #1 from Gianluca Gabrielli
http://bugzilla.opensuse.org/show_bug.cgi?id=1185717
http://bugzilla.opensuse.org/show_bug.cgi?id=1185717#c2
--- Comment #2 from Gianluca Gabrielli