Vulnerabilities > CVE-2000-0936 - Unspecified vulnerability in Samba 2.0.7

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

samba

exploit available

NVD

Published: 2000-12-19

Updated: 2017-10-10

Summary

Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.

Vulnerable Configurations

Part	Description	Count
Application	Samba Samba Samba 2.0.7	1

Exploit-Db

description	SAMBA 2.0.7 SWAT Logfile Permissions Vulnerability. CVE-2000-0936. Local exploit for linux platform
id	EDB-ID:20341
last seen	2016-02-02
modified	2000-11-01
published	2000-11-01
reporter	miah
source	https://www.exploit-db.com/download/20341/
title	SAMBA 2.0.7 SWAT Logfile Permissions Vulnerability

References

http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html
http://www.securityfocus.com/bid/1874
https://exchange.xforce.ibmcloud.com/vulnerabilities/5445