TITLE: HP CIFS Server Arbitrary File Access Vulnerability SECUNIA ADVISORY ID: SA12895 VERIFY ADVISORY: http://secunia.com/advisories/12895/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From local network SOFTWARE: HP CIFS Server 2.2 1.x http://secunia.com/product/4115/ DESCRIPTION: HP has acknowledged a vulnerability in HP CIFS Server, which can be exploited by malicious users to access arbitrary files and directories. For more information: SA12696 SOLUTION: Update to HP CIFS (Samba) version A.01.11.03. https://payment.ecommerce.hp.com/portal/swdepot/try.do?productNumber=B8725AA ORIGINAL ADVISORY: SSRT4838: http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01086 OTHER REFERENCES: SA12696: http://secunia.com/advisories/12696/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org ----------------------------------------------------------------------