VDB
DEBIAN-CVE-2013-4476
DEBIAN-CVE-2013-4476
PUBLISHED
CVSS 6.900000095367432 MEDIUM
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | samba | 0, 0, 0 |
| Debian:11 | samba | 0, 0, 0 |
| Debian:13 | samba | 0, 0, 0 |
| Debian:12 | samba | 0, 0, 0 |
Timeline
- Nov 13, 2013 CVE Published
- Apr 28, 2026 CVE Updated