CVE-2001-1162

  • Last update: Apr 13, 2023

Description

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Software From Fixed in
samba / samba 2.0.5 2.0.5.x
samba / samba 2.0.6 2.0.6.x
samba / samba 2.0.7 2.0.7.x
samba / samba 2.0.8 2.0.8.x
samba / samba 2.0.9 2.0.9.x
samba / samba 2.2.0 2.2.0.x
hp / cifs-9000_server a.01.05 a.01.05.x
hp / cifs-9000_server a.01.06 a.01.06.x

Details

    • Severity: High
  • CVE: CVE-2001-1162
  • Published: Jun 23, 2001
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C