VDB
CVE-2001-1162
CVE-2001-1162
PUBLISHED
CVSS 10 CRITICAL
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
EPSS 32.17% · 96.9th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
32.17%
96.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| samba | samba | 2.0.5, 2.2.0, 2.0.6 |
| n/a | n/a | n/a |
| hp | cifs-9000_server | a.01.06, * |
Timeline
- Jun 23, 2001 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- MDKSA-2001-062 vendor-advisory
- HPSBUX0107-157 vendor-advisory
- DSA-065 vendor-advisory
- 2928 vdb
- http://us1.samba.org/samba/whatsnew/macroexploit.html url
- CSSA-2001-024.0 vendor-advisory
- IMNX-2001-70-027-01 vendor-advisory
- RHSA-2001:086 vendor-advisory
- samba-netbios-file-creation(6731) vdb
- 20010623 smbd remote file creation vulnerability mailing-list
- CLA-2001:405 vendor-advisory
- L-105 third-party-advisory
- 20011002-01-P vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2001-1162 advisory