CVE-2001-1162
Published 2001-06-23
Priority P341·critical·10·CVSS 2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS 12.03%·95.6th percentile
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | cifs-9000_server | — | — |
| hp | cifs-9000_server | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
CVSS provenance
nvd·v2.0·10.0·CRITICAL·AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat·10.0·CRITICAL
Red Hat
vendor_redhat·2001-06-23·CVSS 10.0
CVE-2001-1162 [CRITICAL] security flaw
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
GHSA
ghsa_unreviewed·2022-05-03
CVE-2001-1162 [HIGH] GHSA-8wh4-jc8q-39g3: Directory traversal vulnerability in the %m macro in the smb
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
No detection rules found.
References
ftp://patches.sgi.com/support/free/security/advisories/20011002-01-P
http://ciac.llnl.gov/ciac/bulletins/l-105.shtml
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000405
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-027-01
http://us1.samba.org/samba/whatsnew/macroexploit.html
http://www.calderasystems.com/support/security/advisories/CSSA-2001-024.0.txt
http://www.debian.org/security/2001/dsa-065
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-062.php3
http://www.redhat.com/support/errata/RHSA-2001-086.html
http://www.securityfocus.com/advisories/3423
http://www.securityfocus.com/archive/1/193027
http://www.securityfocus.com/bid/2928
https://exchange.xforce.ibmcloud.com/vulnerabilities/6731