11 matches found
FreeBSD Ports: samba
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian DSA-600-1 : samba - arbitrary file access
A vulnerability has been discovered in samba, a commonly used LanManager-like file and printer server for Unix. A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection, though...
CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...
CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...
CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...
CVE-2004-0815
CVE-2004-0815 affects Samba 2.2.x (up to 2.2.11) and 3.0.x prior to 3.0.2a. The unix_clean_name function trims certain directory names to absolute paths, enabling a remote attacker to bypass share restrictions and read, write, or list arbitrary files using pathnames containing "/.////" style sequ...
RHEL 2.1 : samba (RHSA-2004:498)
Updated samba packages that fix an input validation vulnerability are now available. Samba provides file and printer sharing services to SMB/CIFS clients. Karol Wiesek discovered an input validation issue in Samba prior to 3.0.6. An authenticated user could send a carefully crafted request to the...
SUSE-SA:2004:035: samba
The remote host is missing the patch for the advisory SUSE-SA:2004:035 samba. The Samba server, which allows to share files and resources via the SMB/CIFS protocol, contains a bug in the sanitation code of path names which allows remote attackers to access files outside of the defined share. In...
Mandrake Linux Security Advisory : samba (MDKSA-2004:104)
Karol Wiesek discovered a bug in the input validation routines used to convert DOS path names to path names on the Samba host's file system. This bug can be exploited to gain access to files outside of the share's path as defined in the smb.conf configuration file. This vulnerability exists in al...
Samba MS-DOS Path Request Arbitrary File Retrieval
According to its version number, the remote Samba server is affected by a flaw that allows an attacker to access arbitrary files which exist outside of the shares's defined path. An attacker needs a valid account to exploit this flaw. C Tenable Network Security, Inc. include"compat.inc"; if...
CVE-2004-0910
CVE-2004-0910 is rejected/not used; duplicate of CVE-2004-0815 and not an active vulnerability entry.