=========================================================== == Subject: Missing access control check in shadow copy == code. == == CVE ID#: CVE-2015-5299 == == Versions: Versions of Samba from 3.2.0 to 4.3.2 == == Summary: A missing access control check in the VFS == shadow_copy2 module could allow unauthorized == users to access snapshots. == =========================================================== =========== Description =========== All versions of Samba from 3.2.0 to 4.3.2 inclusive are vulnerable to a missing access control check in the vfs_shadow_copy2 module. When looking for the shadow copy directory under the share path the current accessing user should have DIRECTORY_LIST access rights in order to view the current snapshots. This was not being checked in the affected versions of Samba. ================== Patch Availability ================== Patches addressing this defect have been posted to https://www.samba.org/samba/history/security.html Additionally, Samba 4.3.3, 4.2.7 and 4.1.22 have been issued as security releases to correct the defect. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible. =========== Workarounds =========== None. ======= Credits ======= The problem was found by <partha@exablox.com> who also provided the fix for the code.