Potential access to "/" in setups with registry shares enabled

2009-01-05T00:00:00
ID SAMBA:CVE-2009-0022
Type samba
Reporter Samba
Modified 2009-01-05T00:00:00

Description

When connecting to a share called "" (empty string) using an older version of smbclient (before 3.0.28) for example with: 'smbclient //server/ -U user%pass' access to the root filesystem is granted with the privileges of the authenticated user. This only happens in setups with registry shares enabled by setting "registry shares = yes" which is implicitly set with "include = registry" and "config backend = registry", but is not the default.