Vulnerability Name: CVE-2001-1162 (CCN-6731) Assigned: 2001-06-23 Published: 2001-06-23 Updated: 2017-10-10 Summary: Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Privileges References: Source: CCNsamba OpenLinux: samba remote root problem Samba for IRIX vulnerability 20011002-01-P smbd remote file creation vulnerability L-105 CVE-2001-1162 CLA-2001:405 samba samba, samba-client, samba-common IMNX-2001-70-027-01 Samba Security Vulnerability in CIFS/9000 Server #2 Security Vulnerability in CIFS/9000 Server #2 New Samba packages available for Red Hat Linux 5.2 IMPORTANT: Security bugfix for Samba http://us1.samba.org/samba/whatsnew/macroexploit.html The Samba Team are pleased to announce Samba 2.2.1 CSSA-2001-024.0 Samba Security Vulnerability DSA-065 samba -- remote file append/creation MDKSA-2001-062 Samba NETBIOS Name Traversal Arbitrary Remote File Creation RHSA-2001:086 HPSBUX0107-157 20010623 smbd remote file creation vulnerability 2928 Samba Remote Arbitrary File Creation Vulnerability samba samba-netbios-file-creation(6731) samba-netbios-file-creation(6731) Vulnerable Configuration: Configuration 1 :cpe:/a:samba:samba:2.0.5:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.6:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.7:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.8:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.9:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.2.0:*:*:*:*:*:*:* Configuration 2 :cpe:/a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:* OR cpe:/a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:samba:samba:*:*:*:*:*:*:*:* AND cpe:/o:hp:mpe_ix:*:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:5.2:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:6.3:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:6.4:*:*:*:*:*:*:* OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:freebsd:ports_collection:*:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.01:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.0es:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.1:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.2:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:5.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:prg_graficos:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:ecommerce:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:5.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:* OR cpe:/a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:* OR cpe:/a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:* Oval Definitions BACK
samba samba 2.0.5
samba samba 2.0.6
samba samba 2.0.7
samba samba 2.0.8
samba samba 2.0.9
samba samba 2.2.0
hp cifs-9000 server a.01.05
hp cifs-9000 server a.01.06
samba samba *
hp mpe ix *
redhat linux 5.2
redhat linux 6.2
suse suse linux 6.3
suse suse linux 6.4
debian debian linux 2.2
mandrakesoft mandrake linux 7.1
freebsd ports collection *
trustix secure linux 1.1
redhat linux 7
mandrakesoft mandrake linux 7.2
suse suse linux 7.0
conectiva linux 6.0
mandrakesoft mandrake linux corporate server 1.0.1
suse suse linux 7.1
redhat linux 7.1
trustix secure linux 1.01
trustix secure linux 1.2
mandrakesoft mandrake linux 8.0
conectiva linux 4.0
conectiva linux 4.0es
conectiva linux 4.1
conectiva linux 4.2
conectiva linux 5.0
conectiva linux prg_graficos
conectiva linux ecommerce
conectiva linux 5.1
suse suse linux 7.2
redhat linux 7.2
redhat linux 7.3
hp cifs-9000 server a.01.05
hp cifs-9000 server a.01.06
Denotes that component is vulnerable