CVE-2009-1886
Samba 3.2.0-3.2.12 - Remote Code Execution via Format String in Filename
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-1886. PoCs published by Jeremy Allison.
AI-analyzed exploit summary The provided code is a minimal proof-of-concept for CVE-2009-1886, demonstrating a path traversal vulnerability in Samba via a malformed filename. It lacks executable exploit logic and serves as a placeholder for further development.
Description
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.
Exploits (1)
The provided code is a minimal proof-of-concept for CVE-2009-1886, demonstrating a path traversal vulnerability in Samba via a malformed filename. It lacks executable exploit logic and serves as a placeholder for further development.