DEBIAN-CVE-2009-1888

DEBIAN-CVE-2009-1888 PUBLISHED CVSS 8.699999809265137 HIGH

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Debian:11	samba	0, 0, 0
Debian:14	samba	0, 0, 0
Debian:12	samba	0, 0, 0
Debian:13	samba	0, 0, 0

Timeline

Jun 25, 2009 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2009-1888 advisory

Open in Interactive Console →