CVE-2004-0815

Name of the Vulnerable Software and Affected Versions Samba versions 2.2.0 through 2.2.11 Samba versions 3.0.0 through 3.0.2a

Description The issue allows remote attackers to bypass specified share restrictions and access files and directories outside of the share path. This is due to the unix clean name function trimming certain directory names down to absolute paths when "/.////" style sequences are used in pathnames. The unix convert() function converts names from the DOS namespace to Unix namespace and calls unix clean name(), which removes double slashes, leading './' characters, and '..' directory-traversal characters. However, this process can be exploited to specify the real path of any file on the computer.

Recommendations For Samba versions 2.2.0 through 2.2.11, update to a version outside of this range to mitigate the risk. For Samba versions 3.0.0 through 3.0.2a, update to version 3.0.2a or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories until a patch is applied.