CVE-2004-0815 in Sambainfo

Summary

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

Once again VulDB remains the best source for vulnerability data.

Reservation

08/25/2004

Disclosure

11/03/2004

Moderation

VulDB entry created

Entries

VDB-858 (1)

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

7.0

EPSS

0.08221

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0815
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0815
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0815/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!