FreeBSD : samba -- remote file disclosure (de16b056-132e-11d9-bc4a-000c41e2cdad)
High Nessus Plugin ID 19144
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionAccording to a Samba Team security notice :
A security vulnerability has been located in Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5. A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection.
The original notice for CAN-2004-0815 indicated that Samba 3.0.x <= 3.0.5 was vulnerable to the security issue. After further research, Samba developers have confirmed that only Samba 3.0.2a and earlier releases contain the exploitable code.
SolutionUpdate the affected packages.