Samba Releases Security Updates (CVE-2019-3880 & CVE-2019-3870) – Apr 2019

Preface: Samba is an open-source software suite that runs on Unix/Linux based platforms. The design based on SMB network protocol. Samba is able to communicate with Windows clients like a native application.

Synopsis: Windows OS and Linux opensource looks contains their market. A trend shown that Linux base OS well develop in automation industry. Perhaps common printer not compatible with open source Linux. As a result, 3rd party service daemon is going to pick up this responsibility. In fact, vulnerability happens in IT world daily. It is rare that a software or hardware do not have vulnerability. And therefore Samba do not have exception.

Vulnerability details:

CVE-2019-3880 – path/symlink traversal vulnerability, For more details, refer to url.

https://www.samba.org/samba/security/CVE-2019-3880.html

CVE-2019-3870 – During the provision of a new Active Directory DC, some files in the private/ directory are created world-writable. For more details, refer to url.

https://www.samba.org/samba/security/CVE-2019-3870.html