Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2023-34968

created 4 months, 3 weeks ago

Samba: spotlight server-side share path disclosure

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.

Affected products

samba

==4.17.10
==4.18.5
*
==4.16.11

samba4

Matching in nixpkgs

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>