CVE-2004-0600 | Vulnerability Database | Aqua Security

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

Affected Software

Name	Vendor	Start Version	End Version
Samba	Samba	3.0.2	3.0.2
Samba	Samba	3.0.2a	3.0.2a
Samba	Samba	3.0.3	3.0.3
Samba	Samba	3.0.4	3.0.4
Red Hat Enterprise Linux 3	RedHat	samba-0:3.0.4-6.3E	*

References

http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000851
http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000854
http://marc.info/?l=bugtraq\u0026m=109051340810458\u0026w=2
http://marc.info/?l=bugtraq\u0026m=109051533021376\u0026w=2
http://marc.info/?l=bugtraq\u0026m=109052647928375\u0026w=2
http://marc.info/?l=bugtraq\u0026m=109052891507263\u0026w=2
http://marc.info/?l=bugtraq\u0026m=109053195818351\u0026w=2
http://www.gentoo.org/security/en/glsa/glsa-200407-21.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:071
http://www.novell.com/linux/security/advisories/2004_22_samba.html
http://www.redhat.com/support/errata/RHSA-2004-259.html
http://www.trustix.org/errata/2004/0039/
https://exchange.xforce.ibmcloud.com/vulnerabilities/16785
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11445

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0600
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html