VYPR
Unrated severityNVD Advisory· Published Nov 3, 2004· Updated Jun 16, 2026

CVE-2004-0815

CVE-2004-0815

Description

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

21
  • cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
    • (no CPE)range: <=2.2.11, <3.0.2a

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.