SUSE-SA:2004:035: samba

High Nessus Plugin ID 15423


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2004:035 (samba).

The Samba server, which allows to share files and resources via the SMB/CIFS protocol, contains a bug in the sanitation code of path names which allows remote attackers to access files outside of the defined share. In order to access these files, they must be readable by the account used for the SMB session.
CVE-2004-0815 has been assigned to this issue.


Plugin Details

Severity: High

ID: 15423

File Name: suse_SA_2004_035.nasl

Version: $Revision: 1.7 $

Agent: unix

Published: 2004/10/05

Modified: 2016/12/27

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Reference Information

CVE: CVE-2004-0815