Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0815

Опубликовано: 03 нояб. 2004
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*

EPSS

Процентиль: 92%
0.08221
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat логотип

CVE-2004-0815

redhat
почти 21 год назад

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

debian логотип

CVE-2004-0815

debian
почти 21 год назад

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x ...

github логотип

GHSA-fmc4-f425-jjcv

github
больше 3 лет назад

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

EPSS

Процентиль: 92%
0.08221
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other