Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0815

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0815
Last Modified 28 Jan 2010 12:34:03
Published 03 Nov 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0815

Summary

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

Vulnerable Systems

Application

  • Samba 2.2.0

  • Samba 2.2.0a

  • Samba 2.2.11

  • Samba 2.2.1a

  • Samba 2.2.2

  • Samba 2.2.3

  • Samba 2.2.3a

  • Samba 2.2.4

  • Samba 2.2.5

  • Samba 2.2.6

  • Samba 2.2.7

  • Samba 2.2.7a

  • Samba 2.2.8

  • Samba 2.2.8a

  • Samba 2.2.9

  • Samba 2.2a

  • Samba 3.0

  • Samba 3.0.0

  • Samba 3.0.1

  • Samba 3.0.2

  • Samba 3.0.2a


References

BID - 11281

DEBIAN - DSA-600

BUGTRAQ - 20040930 Samba Security Announcement -- Potential Arbitrary File Access

CONECTIVA - CLA-2004:873

FEDORA - FLSA:2102

XF - samba-file-access(17556)

TRUSTIX - 2004-0051

SUSE - SUSE-SA:2004:035

MANDRAKE - MDKSA-2004:104

IDEFENSE - 20040930 Samba Arbitrary File Access Vulnerability

CONFIRM - http://us4.samba.org/samba/news/#security_2.2.12

SUNALERT - 200529

BUGTRAQ - 20041005 ERRATA: Potential Arbitrary File Access (CAN-2004-0815)

REDHAT - RHSA-2004:498

SUNALERT - 57664

SUNALERT - 101584


Last Updated: 27 May 2016 10:38:46