CVE-2021-44142

Description from NVD

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.

Information Acquisition Date:2022-02-28T16:40Z
CVSS 2.0: 9.0 HIGH CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:S/C:C/I:C/A:C

NVD References

 https://www.samba.org/samba/security/CVE-2021-44142.html
     source:CONFIRM
     tags:Mitigation    Vendor Advisory    
 https://kb.cert.org/vuls/id/119678
     source:CERT-VN
     tags:Patch    Third Party Advisory    
 https://bugzilla.samba.org/show_bug.cgi?id=14914
     source:CONFIRM
     tags:Issue Tracking    Patch    Vendor Advisory    
 https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://blog215
https://cvetrends.com49
http://twinybots.ch40
https://lists.astaro.com/ASGV9-IPS-rules.html#017
https://bit.ly/3GjLcVe6
https://blog.trendmicro.co.jp/archives/301046
https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44...5
https://access.redhat.com/security/cve/CVE-2021-441424
https://thehackernews.com/2022/01/new-samba-bug-allows-remo...4
https://twitter.com/TrendMicroRSRCH/status/14888296263319306303
https://www.cve.org/CVERecord?id=CVE-2021-441423
https://www.nukib.cz/cs/infoservis/hrozby/1798-upozorneni-n...3
https://www.samba.org/samba/security/CVE-2021-44142.html3
https://www.thezdi.com3
https://securityaffairs.co/wordpress/127457/security/cve-20...3
https://www.trendmicro.com/en_us/research/22/b/the-samba-vu...3
https://research.trendmicro.com/SambaVulnerability3
https://www.helpnetsecurity.com/2022/02/02/samba-bug-may-al...3
https://globalsecuritydatabase.org3

Information from Twitter

User URL Info Source Date
No Data

List of frequently cited URLs

URLNum of Times Referred to
blog215
cvetrends.com49
twinybots.ch40
lists.astaro.com17
bit.ly6
blog.trendmicro.co.jp6
www.zerodayinitiative.com5
access.redhat.com4
thehackernews.com4
twitter.com3
www.cve.org3
www.nukib.cz3
www.samba.org3
www.thezdi.com3
securityaffairs.co3
www.trendmicro.com3
research.trendmicro.com3
www.helpnetsecurity.com3
globalsecuritydatabase.org3

Information from Twitter

User URL Info Source
No Data
GitHub Search Results: Up to 10
NameURL
No Data
GitHub Search Results: Up to 10
NameURL
No Data
2022/10/22 Score : 1
Added Har-sia Database : 2022/02/01
Last Modified : 2022/10/22
Highest Scored Date : 2022/02/02
Highest Score : 126