Details of VAR-201006-0135

ID

VAR-201006-0135

CVE

CVE-2010-1381

TITLE

Apple Mac OS X of SMB Vulnerability in file server accessing arbitrary files

Trust: 0.8

sources: JVNDB: JVNDB-2010-001661

DESCRIPTION

The default configuration of SMB File Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, enables support for wide links, which allows remote authenticated users to access arbitrary files via vectors involving symbolic links. NOTE: this might overlap CVE-2010-0926. This vulnerability CVE-2010-0926 And may be duplicated.An arbitrary file may be accessed by a remotely authenticated user via a symbolic link. Attackers require access to a mounted SMB share to exploit this issue. An attacker can exploit this issue to bypass certain security restrictions to access arbitrary files. This may aid in further attacks. This issue affects Mac OS X 10.5.8, Mac OS X Server 10.5.8, Mac OS X 10.6 through 10.6.3, and Mac OS X Server 10.6 through 10.6.3. NOTE: This issue was previously covered in BID 40871 (Apple Mac OS X Prior to 10.6.4 Multiple Security Vulnerabilities), but has been given its own record to better document it. The update addresses new vulnerabilities that affect the CUPS, DesktopServices, Folder Manager, Help Viewer, iChat, ImageIO, Network Authorization, Open Directory, Printer Setup, Printing, Ruby, SMB File Server, and Wiki Server components of Mac OS X. The advisory also contains security updates for 13 previously reported issues. This BID is being retired

Trust: 2.34

sources: NVD: CVE-2010-1381 // JVNDB: JVNDB-2010-001661 // BID: 40893 // BID: 40871 // VULHUB: VHN-43986 // VULMON: CVE-2010-1381

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.3	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.2	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.5.8	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.3	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.1	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.5.8	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.6.0	Trust: 1.6
vendor:	apple	model:	mac os x server	scope:	eq	version:	10.6.0	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.5.8	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.6 to v10.6.3	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.5.8	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.6 to v10.6.3	Trust: 0.8
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.8	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.7	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.6	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.8	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.7	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.6	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	ne	version:	x10.6.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	ne	version:	x10.6.4	Trust: 0.6

sources: BID: 40893 // BID: 40871 // JVNDB: JVNDB-2010-001661 // CNNVD: CNNVD-201006-292 // NVD: CVE-2010-1381

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-1381
value:	LOW
Trust: 1.0
NVD:	CVE-2010-1381
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-201006-292
value:	LOW
Trust: 0.6
VULHUB:	VHN-43986
value:	LOW
Trust: 0.1
VULMON:	CVE-2010-1381
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2010-1381
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-43986
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-43986 // VULMON: CVE-2010-1381 // JVNDB: JVNDB-2010-001661 // CNNVD: CNNVD-201006-292 // NVD: CVE-2010-1381

PROBLEMTYPE DATA

problemtype:

CWE-16

Trust: 1.9

sources: VULHUB: VHN-43986 // JVNDB: JVNDB-2010-001661 // NVD: CVE-2010-1381

THREAT TYPE

network

Trust: 0.6

sources: BID: 40893 // BID: 40871

TYPE

Configuration Error

Trust: 0.9

sources: BID: 40893 // CNNVD: CNNVD-201006-292

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001661

PATCH

title:	HT4188	url:	http://support.apple.com/kb/HT4188	Trust: 0.8
title:	HT4188	url:	http://support.apple.com/kb/HT4188?viewlocale=ja_JP	Trust: 0.8
title:	Mac OS X v10.6.4 Update (Combo)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3705	Trust: 0.6
title:	Mac OS X Server v10.6.4 Update Mac mini (Mid 2010)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3709	Trust: 0.6
title:	Mac OS X v10.6.4 Update	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3704	Trust: 0.6
title:	Mac OS X Server v10.6.4 Update (Combo)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3708	Trust: 0.6
title:	Security Update 2010-004 (Leopard-Client)	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3703	Trust: 0.6

sources: JVNDB: JVNDB-2010-001661 // CNNVD: CNNVD-201006-292

EXTERNAL IDS

db:	NVD	id:	CVE-2010-1381	Trust: 2.9
db:	SECUNIA	id:	40220	Trust: 2.6
db:	VUPEN	id:	ADV-2010-1481	Trust: 2.5
db:	SECTRACK	id:	1024103	Trust: 2.5
db:	BID	id:	40871	Trust: 2.1
db:	JVNDB	id:	JVNDB-2010-001661	Trust: 0.8
db:	CNNVD	id:	CNNVD-201006-292	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2010-06-15-1	Trust: 0.6
db:	BID	id:	40893	Trust: 0.5
db:	VULHUB	id:	VHN-43986	Trust: 0.1
db:	VUPEN	id:	2010/1481	Trust: 0.1
db:	VULMON	id:	CVE-2010-1381	Trust: 0.1

sources: VULHUB: VHN-43986 // VULMON: CVE-2010-1381 // BID: 40893 // BID: 40871 // JVNDB: JVNDB-2010-001661 // CNNVD: CNNVD-201006-292 // NVD: CVE-2010-1381

REFERENCES

url:	http://securitytracker.com/id?1024103	Trust: 2.6
url:	http://secunia.com/advisories/40220	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2010/1481	Trust: 2.6
url:	http://lists.apple.com/archives/security-announce/2010//jun/msg00001.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/40871	Trust: 1.8
url:	http://support.apple.com/kb/ht4188	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1381	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1381	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/16.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/40893	Trust: 0.1

sources: VULHUB: VHN-43986 // VULMON: CVE-2010-1381 // BID: 40893 // BID: 40871 // JVNDB: JVNDB-2010-001661 // CNNVD: CNNVD-201006-292 // NVD: CVE-2010-1381

CREDITS

Apple; Adrian 'pagvac' Pastor of GNUCITIZEN, and Tim Starling; Tim Waugh; Luca Carettoni; Michi Ruepp of pianobakery.com; Clint Ruoho of Laconic Security; Kevin Finisterre of digitalmunition.com; MIT Kerberos Team; Joel Johnson, Debian, Brian Almeida; Emm

Trust: 0.6

sources: CNNVD: CNNVD-201006-292

SOURCES

db:	VULHUB	id:	VHN-43986
db:	VULMON	id:	CVE-2010-1381
db:	BID	id:	40893
db:	BID	id:	40871
db:	JVNDB	id:	JVNDB-2010-001661
db:	CNNVD	id:	CNNVD-201006-292
db:	NVD	id:	CVE-2010-1381

LAST UPDATE DATE

2025-04-11T21:17:19.567000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-43986	date:	2010-06-18T00:00:00
db:	VULMON	id:	CVE-2010-1381	date:	2010-06-18T00:00:00
db:	BID	id:	40893	date:	2010-06-15T00:00:00
db:	BID	id:	40871	date:	2010-06-16T21:59:00
db:	JVNDB	id:	JVNDB-2010-001661	date:	2010-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201006-292	date:	2010-06-21T00:00:00
db:	NVD	id:	CVE-2010-1381	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-43986	date:	2010-06-17T00:00:00
db:	VULMON	id:	CVE-2010-1381	date:	2010-06-17T00:00:00
db:	BID	id:	40893	date:	2010-06-15T00:00:00
db:	BID	id:	40871	date:	2010-06-15T00:00:00
db:	JVNDB	id:	JVNDB-2010-001661	date:	2010-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201006-292	date:	2010-06-21T00:00:00
db:	NVD	id:	CVE-2010-1381	date:	2010-06-17T16:30:01.733