Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.21 views

FreeBSD Ports: samba

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS6.6AI score0.04887EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/11/10 12:0 a.m.28 views

Debian DSA-600-1 : samba - arbitrary file access

A vulnerability has been discovered in samba, a commonly used LanManager-like file and printer server for Unix. A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection, though...

7.5CVSS5.4AI score0.04887EPSS
Exploits1References2
NVD
NVD
added 2004/11/03 5:0 a.m.23 views

CVE-2004-0815

The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...

7.5CVSS6.5AI score0.04887EPSS
Exploits1References16
Cvelist
Cvelist
added 2004/10/16 4:0 a.m.19 views

CVE-2004-0815

The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...

6.4AI score0.04887EPSS
Exploits1References16
Debian CVE
Debian CVE
added 2004/10/16 4:0 a.m.33 views

CVE-2004-0815

The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...

7.5CVSS6AI score0.04887EPSS
Exploits1
CVE
CVE
added 2004/10/16 4:0 a.m.82 views

CVE-2004-0815

CVE-2004-0815 affects Samba 2.2.x (up to 2.2.11) and 3.0.x prior to 3.0.2a. The unix_clean_name function trims certain directory names to absolute paths, enabling a remote attacker to bypass share restrictions and read, write, or list arbitrary files using pathnames containing "/.////" style sequ...

7.5CVSS6.4AI score0.04887EPSS
Exploits1References16Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/10/06 12:0 a.m.40 views

RHEL 2.1 : samba (RHSA-2004:498)

Updated samba packages that fix an input validation vulnerability are now available. Samba provides file and printer sharing services to SMB/CIFS clients. Karol Wiesek discovered an input validation issue in Samba prior to 3.0.6. An authenticated user could send a carefully crafted request to the...

7.5CVSS5.4AI score0.04887EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/10/05 12:0 a.m.33 views

SUSE-SA:2004:035: samba

The remote host is missing the patch for the advisory SUSE-SA:2004:035 samba. The Samba server, which allows to share files and resources via the SMB/CIFS protocol, contains a bug in the sanitation code of path names which allows remote attackers to access files outside of the defined share. In...

7.5CVSS5.5AI score0.04887EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/10/02 12:0 a.m.26 views

Mandrake Linux Security Advisory : samba (MDKSA-2004:104)

Karol Wiesek discovered a bug in the input validation routines used to convert DOS path names to path names on the Samba host's file system. This bug can be exploited to gain access to files outside of the share's path as defined in the smb.conf configuration file. This vulnerability exists in al...

7.5CVSS5.3AI score0.04887EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/09/30 12:0 a.m.30 views

Samba MS-DOS Path Request Arbitrary File Retrieval

According to its version number, the remote Samba server is affected by a flaw that allows an attacker to access arbitrary files which exist outside of the shares's defined path. An attacker needs a valid account to exploit this flaw. C Tenable Network Security, Inc. include"compat.inc"; if...

7.5CVSS5.8AI score0.04887EPSS
Exploits1References4
CVE
CVE
added 2004/09/28 4:0 a.m.40 views

CVE-2004-0910

CVE-2004-0910 is rejected/not used; duplicate of CVE-2004-0815 and not an active vulnerability entry.

6.4AI score
Exploits0
Rows per page
Query Builder