DescriptionThe unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2004:035, published Tuesday, Oct 5th 2004 16:53:01 MEST
SUSE Timeline for this CVECVE page created: Fri Jun 28 00:58:07 2013
CVE page last modified: Fri Oct 7 12:45:29 2022