7 matches found
EUVD-2004-0813
Malware in sbrugna...
PT-2025-16194 · Crushftp · Crushftp
Name of the Vulnerable Software and Affected Versions: CrushFTP versions 9.x through 11.3.1 Description: The issue allows directory traversal via the "/WebInterface/function/" URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityManager restrictions. An attacker can send...
Samba: Share restriction bypass via home-less directory user account(s)
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote...
CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...
CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...
DEBIAN-CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...
CVE-2004-0815
The unixcleanname function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames...