Page 24 of 127 results (0.008 seconds)

CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 3

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. • https://www.exploit-db.com/exploits/20968 ftp://patches.sgi.com/support/free/security/advisories/20011002-01-P http://ciac.llnl.gov/ciac/bulletins/l-105.shtml http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000405 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-027-01 http://us1.samba.org/samba/whatsnew/macroexploit.html http://www.calderasystems.com/support/security/advisories/CSSA-2001-024.0.txt http://www.debian.org/security/2001/dsa-065 http: •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1

Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. • https://www.exploit-db.com/exploits/20776 http://archives.neohapsis.com/archives/bugtraq/2001-04/0305.html http://archives.neohapsis.com/archives/bugtraq/2001-04/0319.html http://archives.neohapsis.com/archives/bugtraq/2001-04/0326.html http://archives.neohapsis.com/archives/freebsd/2001-04/0608.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000395 http://www.caldera.com/support/security/advisories/CSSA-2001-015.0.txt http://www.debian.org/security/2001/dsa-048 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 3

Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. • https://www.exploit-db.com/exploits/20341 http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html http://www.securityfocus.com/bid/1874 https://exchange.xforce.ibmcloud.com/vulnerabilities/5445 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 4

Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. • https://www.exploit-db.com/exploits/20339 https://www.exploit-db.com/exploits/20338 http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html http://www.securityfocus.com/bid/1872 https://exchange.xforce.ibmcloud.com/vulnerabilities/5443 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5442 •