The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-10-16T04:00:00

Updated: 2024-08-08T00:31:47.853Z

Reserved: 2004-08-25T00:00:00

Link: CVE-2004-0815

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-11-03T05:00:00.000

Modified: 2024-11-20T23:49:28.753

Link: CVE-2004-0815

cve-icon Redhat

Severity : Important

Publid Date: 2004-09-30T00:00:00Z

Links: CVE-2004-0815 - Bugzilla