CVE-2004-0815

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.idefense.com/application/poi/display?id=146&type=vulnerabilities&flashstatus=true", "name": "20040930 Samba Arbitrary File Access Vulnerability", "tags": ["Exploit", "Vendor Advisory"], "refsource": "IDEFENSE"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873", "name": "CLA-2004:873", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONECTIVA"}, {"url": "http://www.debian.org/security/2004/dsa-600", "name": "DSA-600", "tags": ["Patch", "Vendor Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.securityfocus.com/bid/11281", "name": "11281", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://us4.samba.org/samba/news/#security_2.2.12", "name": "http://us4.samba.org/samba/news/#security_2.2.12", "tags": [], "refsource": "CONFIRM"}, {"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2102", "name": "FLSA:2102", "tags": [], "refsource": "FEDORA"}, {"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:104", "name": "MDKSA-2004:104", "tags": [], "refsource": "MANDRAKE"}, {"url": "http://www.novell.com/linux/security/advisories/2004_35_samba.html", "name": "SUSE-SA:2004:035", "tags": [], "refsource": "SUSE"}, {"url": "http://www.trustix.org/errata/2004/0051/", "name": "2004-0051", "tags": [], "refsource": "TRUSTIX"}, {"url": "http://www.securityfocus.com/archive/1/377618", "name": "20041005 ERRATA: Potential Arbitrary File Access (CAN-2004-0815)", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.redhat.com/support/errata/RHSA-2004-498.html", "name": "RHSA-2004:498", "tags": [], "refsource": "REDHAT"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101584-1", "name": "101584", "tags": [], "refsource": "SUNALERT"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57664-1", "name": "57664", "tags": [], "refsource": "SUNALERT"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200529-1", "name": "200529", "tags": [], "refsource": "SUNALERT"}, {"url": "http://marc.info/?l=bugtraq&m=109655827913457&w=2", "name": "20040930 Samba Security Announcement -- Potential Arbitrary File Access", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17556", "name": "samba-file-access(17556)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via \"/.////\" style sequences in pathnames."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-0815", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2004-11-03T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-30T16:25Z"}