CyberSec.Space Logo
返回 CVE 浏览器

CVE-2001-1162

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile29.69th
Published2001年6月23日
Last Modified2026年4月16日

Vulnerability Description

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Affected Platforms (CPE)

📦
Samba

Samba

= 2.0.5
📦
Samba

Samba

= 2.0.6
📦
Samba

Samba

= 2.0.7
📦
Samba

Samba

= 2.0.8
📦
Samba

Samba

= 2.0.9
📦
Samba

Samba

= 2.2.0
📦
Hp

Cifs 9000 Server

= a.01.05
📦
Hp

Cifs 9000 Server

= a.01.06

References & Advisories

🔗 ftp://patches.sgi.com/support/free/security/advisories/20011002-01-P
🔗 http://ciac.llnl.gov/ciac/bulletins/l-105.shtml
🔗 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000405
🔗 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-027-01
🔗 http://us1.samba.org/samba/whatsnew/macroexploit.html
🔗 http://www.calderasystems.com/support/security/advisories/CSSA-2001-024.0.txt
🔗 http://www.debian.org/security/2001/dsa-065
🔗 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-062.php3

相关漏洞威胁

CVE-2001-098110.0

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without spec...

CVE-1999-018210.0

Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.

CVE-1999-081010.0

Denial of service in Samba NETBIOS name service daemon (nmbd).

CVE-2003-019610.0

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service...