Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-34968

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.

Related bugs and status

CVE-2023-34968 (Candidate) is related to these bugs:

Bug #2058868: [Debian] High CVE: CVE-2022-2127/CVE-2022-3437/CVE-2023-34966/CVE-2023-34967/CVE-2023-34968 samba : multiple CVEs

Summary				In	Importance	Status
	2058868	[Debian] High CVE: CVE-2022-2127/CVE-2022-3437/CVE-2023-34966/CVE-2023-34967/CVE-2023-34968 samba : multiple CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MISC: https://access.redhat....
MISC: https://www.samba.org/...
MISC: https://lists.fedorapr...
MISC: https://access.redhat....
MISC: https://lists.fedorapr...
MISC: https://security.netap...
MISC: https://www.debian.org...
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....