Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2004:035: samba Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the samba package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2004:035 (samba).
The Samba server, which allows to share files and resources via
the SMB/CIFS protocol, contains a bug in the sanitation code of path
names which allows remote attackers to access files outside of the
defined share. In order to access these files, they must be readable
by the account used for the SMB session.
CVE-2004-0815 has been assigned to this issue.
Solution : http://www.suse.de/security/2004_35_samba.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.