FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0815

This CVE name corresponds to:

Entered Topic
2004-09-30 samba -- remote file disclosure

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0815 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0815
Phase Assigned(20040825)

Description

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

References

Source Reference
CONFIRM http://us4.samba.org/samba/news/#security_2.2.12
IDEFENSE 20040930 Samba Arbitrary File Access Vulnerability
BUGTRAQ 20040930 Samba Security Announcement -- Potential Arbitrary File Access
BUGTRAQ 20041005 ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
CONECTIVA CLA-2004:873
DEBIAN DSA-600
FEDORA FLSA:2102
MANDRAKE MDKSA-2004:104
REDHAT RHSA-2004:498
SUNALERT 101584
SUNALERT 57664
SUNALERT 200529
SUSE SUSE-SA:2004:035
TRUSTIX 2004-0051
XF samba-file-access(17556)
BID 11281

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.