E09-30m01
CVSS:
6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
False Positive:
t
Variants:
1
Year:
2009
Description
This strike exploits a root file system access vulnerability in Samba Server. If the registry share definition enabled, the code fails to validate that the share name entered is empty in the TREE CONNECT command, and maps it to the root node of the local filesystem. This does not allow for write permissions, however read access is granted.