Red Hat Bugzilla – Bug 479110
CVE-2009-0022 samba: potential access to "/" in setups with registry shares enabled
Last modified: 2009-01-08 02:33:31 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0022 to the following vulnerability:
Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows
remote authenticated users to access the root filesystem via a crafted
connection request that specifies a blank share name.
Issue was fixed upstream in 3.2.7.
This issue did not affect the versions of samba as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
samba-3.2.7-0.23.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: