Computer Security
[EN] securityvulns.ru no-pyccku


Samba directory traversal
Published:06.02.2010
Source:
SecurityVulns ID:10592
Type:remote
Threat Level:
7/10
Description:It's possible to access any directories in the sysmte by symbolic links.
Affected:SAMBA : Samba 3.4
CVE:CVE-2010-0926 (The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.)
Original documentdocumentKingcope Kingcope, Re: Samba Remote Zero-Day Exploit (06.02.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod