Unrated severityNVD Advisory· Published Nov 3, 2004· Updated Jun 16, 2026
CVE-2004-0815
CVE-2004-0815
Description
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
- (no CPE)range: <=2.2.11, <3.0.2a
Patches
Vulnerability mechanics
References
16- distro.conectiva.com.br/atualizacoes/nvdPatchVendor Advisory
- www.debian.org/security/2004/dsa-600nvdPatchVendor Advisory
- www.securityfocus.com/bid/11281nvdPatchVendor Advisory
- www.idefense.com/application/poi/displaynvdExploitVendor Advisory
- marc.infonvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- us4.samba.org/samba/news/nvd
- www.mandrakesecure.net/en/advisories/advisory.phpnvd
- www.novell.com/linux/security/advisories/2004_35_samba.htmlnvd
- www.redhat.com/support/errata/RHSA-2004-498.htmlnvd
- www.securityfocus.com/archive/1/377618nvd
- www.trustix.org/errata/2004/0051/nvd
- bugzilla.fedora.us/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17556nvd
News mentions
0No linked articles in our index yet.