Vulnerability Name: CVE-2001-1162 (CCN-6731) Assigned: 2001-06-23 Published: 2001-06-23 Updated: 2017-10-10 Summary: Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Privileges References: Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-01:45samba Source: CCN Type: Caldera International, Inc. Security Advisory CSSA-2001-024.0OpenLinux: samba remote root problem Source: CCN Type: SGI Security Advisory 20011002-01-PSamba for IRIX vulnerability Source: SGI Type: UNKNOWN20011002-01-P Source: CCN Type: BugTraq Mailing List, Sat Jun 23 2001 - 22:24:26 CDTsmbd remote file creation vulnerability Source: CIAC Type: UNKNOWNL-105 Source: MITRE Type: CNACVE-2001-1162 Source: CONECTIVA Type: UNKNOWNCLA-2001:405 Source: CCN Type: Conectiva Linux Announcement CLSA-2001:405samba Source: CCN Type: Immunix OS Security Advisory IMNX-2001-70-027-01samba, samba-client, samba-common Source: IMMUNIX Type: UNKNOWNIMNX-2001-70-027-01 Source: CCN Type: Trustix Secure Linux Security Advisory #2001-0011Samba Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBUX0107-157Security Vulnerability in CIFS/9000 Server #2 Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBMP0107-012Security Vulnerability in CIFS/9000 Server #2 Source: CCN Type: RHSA-2001-086New Samba packages available for Red Hat Linux 5.2 Source: CCN Type: Samba Security Vulnerability, June 23rd 2001IMPORTANT: Security bugfix for Samba Source: CONFIRM Type: UNKNOWNhttp://us1.samba.org/samba/whatsnew/macroexploit.html Source: CCN Type: Samba Web siteThe Samba Team are pleased to announce Samba 2.2.1 Source: CALDERA Type: UNKNOWNCSSA-2001-024.0 Source: CCN Type: CIAC Information Bulletin L-105Samba Security Vulnerability Source: DEBIAN Type: UNKNOWNDSA-065 Source: DEBIAN Type: DSA-065samba -- remote file append/creation Source: MANDRAKE Type: UNKNOWNMDKSA-2001-062 Source: CCN Type: OSVDB ID: 656Samba NETBIOS Name Traversal Arbitrary Remote File Creation Source: REDHAT Type: UNKNOWNRHSA-2001:086 Source: HP Type: UNKNOWNHPSBUX0107-157 Source: BUGTRAQ Type: Exploit, Patch, Vendor Advisory20010623 smbd remote file creation vulnerability Source: BID Type: Exploit, Patch, Vendor Advisory2928 Source: CCN Type: BID-2928Samba Remote Arbitrary File Creation Vulnerability Source: CCN Type: SuSE Security Announcement SuSE-SA:2001:021samba Source: XF Type: UNKNOWNsamba-netbios-file-creation(6731) Source: XF Type: UNKNOWNsamba-netbios-file-creation(6731) Vulnerable Configuration: Configuration 1 :cpe:/a:samba:samba:2.0.5:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.6:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.7:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.8:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.0.9:*:*:*:*:*:*:* OR cpe:/a:samba:samba:2.2.0:*:*:*:*:*:*:* Configuration 2 :cpe:/a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:* OR cpe:/a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:samba:samba:*:*:*:*:*:*:*:* AND cpe:/o:hp:mpe_ix:*:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:5.2:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:6.3:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:6.4:*:*:*:*:*:*:* OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:freebsd:ports_collection:*:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.01:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.0es:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.1:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:4.2:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:5.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:prg_graficos:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:ecommerce:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:5.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:* OR cpe:/a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:* OR cpe:/a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions BACK
samba samba 2.0.5
samba samba 2.0.6
samba samba 2.0.7
samba samba 2.0.8
samba samba 2.0.9
samba samba 2.2.0
hp cifs-9000 server a.01.05
hp cifs-9000 server a.01.06
samba samba *
hp mpe ix *
redhat linux 5.2
redhat linux 6.2
suse suse linux 6.3
suse suse linux 6.4
debian debian linux 2.2
mandrakesoft mandrake linux 7.1
freebsd ports collection *
trustix secure linux 1.1
redhat linux 7
mandrakesoft mandrake linux 7.2
suse suse linux 7.0
conectiva linux 6.0
mandrakesoft mandrake linux corporate server 1.0.1
suse suse linux 7.1
redhat linux 7.1
trustix secure linux 1.01
trustix secure linux 1.2
mandrakesoft mandrake linux 8.0
conectiva linux 4.0
conectiva linux 4.0es
conectiva linux 4.1
conectiva linux 4.2
conectiva linux 5.0
conectiva linux prg_graficos
conectiva linux ecommerce
conectiva linux 5.1
suse suse linux 7.2
redhat linux 7.2
redhat linux 7.3
hp cifs-9000 server a.01.05
hp cifs-9000 server a.01.06