The Samba server, which shares files and resources via the SMB/CIFS protocol, contains a bug in its path name sanitization code that allows remote attackers to access files outside of the defined share. Such files can only be accessed if they are readable by the account used for the SMB session. CAN-2004-0815 has been assigned to this issue.
As a temporary workaround, you can set the wide links = no option in smb.conf and restart the Samba server. However, an update is still recommended.
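
An added example, not part of the original advisory or of Samba itself: a Python check that reads an smb.conf and lists the shares where the wide links = no workaround is not in effect, taking the [global] section into account. The sample configuration is constructed, and treating an unset option as enabled is an assumption about the installed version's default.

```python
import re

# Constructed sample smb.conf for this example (not taken from the advisory).
SAMPLE_CONF = """\
[global]
   ; wide links = no   (commented out, so it has no effect)
[public]
   path = /srv/public
   Wide Links = No
[projects]
   path = /srv/projects
[scratch]
   path = /srv/scratch
   widelinks = yes
"""

FALSE_VALUES = {"no", "false", "0"}

def parse_wide_links(conf_text):
    """Map each section to its explicit 'wide links' value, or None if unset."""
    settings, section = {}, None
    for raw in conf_text.replace("\\\n", "").splitlines():  # join continuations
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            settings.setdefault(section, None)
        elif section is not None and "=" in line:
            key, value = line.split("=", 1)
            # Samba ignores case and whitespace inside parameter names.
            if re.sub(r"\s+", "", key).lower() == "widelinks":
                # Anything not clearly "off" is treated as enabled (conservative).
                settings[section] = value.strip().lower() not in FALSE_VALUES
    return settings

def shares_with_wide_links(conf_text, default=True):
    """List shares where the workaround is not in effect.
    Assumption: an unset option means enabled (default=True)."""
    settings = parse_wide_links(conf_text)
    global_value = settings.get("global")
    if global_value is None:
        global_value = default
    return sorted(name for name, value in settings.items() if name != "global"
                  and (global_value if value is None else value))

if __name__ == "__main__":
    print(shares_with_wide_links(SAMPLE_CONF))
```
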
OS | OS Version | Architecture | Package | Affected Package Version | Filename |
---|---|---|---|---|---|
openSUSE | 8.1 | i586 | samba | < 2.2.8a-224 | samba-2.2.8a-224.i586.rpm |
openSUSE | 8.2 | i586 | samba | < 2.2.8a-225 | samba-2.2.8a-225.i586.rpm |
openSUSE | 9.0 | x86_64 | samba | < 2.2.8a-226 | samba-2.2.8a-226.x86_64.rpm |
openSUSE | 9.0 | i586 | samba | < 2.2.8a-226 | samba-2.2.8a-226.i586.rpm |