OSVDB ID: 10990

Title: HP CIFS Server Arbitrary File Access

Dates

Disclosure: Oct 20, 2004
Discovery: Unknown
Exploit: Oct 20, 2004
Solution: Unknown

Description

The HP CIFS Server contains a flaw that allows a remote attacker to read or write files outside of the shared directory path. The issue is due to the program not properly sanitizing user input, specifically traversal-style sequences (../../) in path names processed by the unix_convert() and check_name() functions when converting DOS path names to filenames that are valid on the server filesystem.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version A.01.11.03 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Vendor: Hewlett-Packard Development Company, L.P.
Product: CIFS Server
Version: A.01.11.02

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/36218