Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2004:498
HistoryOct 04, 2004 - 12:00 a.m.

(RHSA-2004:498) samba security update

2004-10-0400:00:00
access.redhat.com
7

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.865 High

EPSS

Percentile

98.3%

JSON

Samba provides file and printer sharing services to SMB/CIFS clients.

Karol Wiesek discovered an input validation issue in Samba prior to 3.0.6.
An authenticated user could send a carefully crafted request to the Samba
server, which would allow access to files outside of the configured file
share. Note: Such files would have to be readable by the account used
for the connection. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0815 to this issue.

This issue does not affect Red Hat Enterprise Linux 3 as a previous erratum
updated to Samba 3.0.6 which is not vulnerable to this issue.

Users of Samba should upgrade to these updated packages, which contain an
upgrade to Samba-2.2.12, which is not vulnerable to this issue.

Related

openvas 7
nessus 6
cve 2
samba 1
securityvulns 2
debian 2
debiancve 1
osv 1
freebsd 1
suse 1
openvas
openvas
HP-UX Update for CIFS Samba Server HPSBUX01086
2009-05-05 00:00:00
Debian Security Advisory DSA 600-1 (samba)
2008-01-17 00:00:00
FreeBSD Ports: samba
2008-09-04 00:00:00
nessus
nessus
Samba MS-DOS Path Request Arbitrary File Retrieval
2004-09-30 00:00:00
SUSE-SA:2004:035: samba
2004-10-05 00:00:00
Debian DSA-600-1 : samba - arbitrary file access
2004-11-10 00:00:00
cve
cve
CVE-2004-0815
2004-11-03 05:00:00
CVE-2004-0910
2004-11-03 05:00:00
samba
samba
Potential Arbitrary File Access
2004-09-30 00:00:00
securityvulns
securityvulns
ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
2004-10-06 00:00:00
iDEFENSE Security Advisory 09.30.04 - Samba Arbitrary File Access Vulnerability
2004-10-01 00:00:00
debian
debian
[SECURITY] [DSA 600-1] New samba packages fix arbitrary file access
2004-10-07 07:45:17
[SECURITY] [DSA 600-1] New samba packages fix arbitrary file access
2004-10-07 07:45:17
debiancve
debiancve
CVE-2004-0815
2004-11-03 05:00:00
osv
osv
samba - arbitrary file access
2004-10-07 00:00:00
freebsd
freebsd
samba -- remote file disclosure
2004-09-30 00:00:00
suse
suse
remote file disclosure in samba
2004-10-05 14:57:32

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.865 High

EPSS

Percentile

98.3%

JSON
Related for RHSA-2004:498
openvas7nessus6cve2samba1securityvulns2debian2debiancve1osv1freebsd1suse1