4 matches found
samba: vfs_worm does not block directory modification
A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...
CVE-2026-2340
Samba CVE-2026-2340 affects the vfs_worm module. The issue arises from insufficient validation during rename operations, allowing an authenticated user with write access to a share to overwrite a WORM-protected file by renaming a newly created file over the existing protected file. Impact details...
CVE-2026-2340
A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...
CVE-2021-3277
Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files...