VYPR
Unrated severityNVD Advisory· Published Mar 10, 2010· Updated Jun 16, 2026

CVE-2010-0926

CVE-2010-0926

Description

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20
  • cpe:2.3:a:samba:samba:3.3.0:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:samba:samba:3.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.5.0:*:*:*:*:*:*:*
    • (no CPE)range: <3.3.11, <3.4.6, <3.5.0rc3

Patches

Vulnerability mechanics

References

35

News mentions

0

No linked articles in our index yet.