CVE Vulnerabilities

CVE-2004-1154

Published: Jan 10, 2005 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Samba Samba 2.0.0 (including) 2.0.0 (including)
Samba Samba 2.0.1 (including) 2.0.1 (including)
Samba Samba 2.0.2 (including) 2.0.2 (including)
Samba Samba 2.0.3 (including) 2.0.3 (including)
Samba Samba 2.0.4 (including) 2.0.4 (including)
Samba Samba 2.0.5 (including) 2.0.5 (including)
Samba Samba 2.0.6 (including) 2.0.6 (including)
Samba Samba 2.0.7 (including) 2.0.7 (including)
Samba Samba 2.0.8 (including) 2.0.8 (including)
Samba Samba 2.0.9 (including) 2.0.9 (including)
Samba Samba 2.0.10 (including) 2.0.10 (including)
Samba Samba 2.2.0 (including) 2.2.0 (including)
Samba Samba 2.2.0a (including) 2.2.0a (including)
Samba Samba 2.2.1a (including) 2.2.1a (including)
Samba Samba 2.2.2 (including) 2.2.2 (including)
Samba Samba 2.2.3 (including) 2.2.3 (including)
Samba Samba 2.2.3a (including) 2.2.3a (including)
Samba Samba 2.2.4 (including) 2.2.4 (including)
Samba Samba 2.2.5 (including) 2.2.5 (including)
Samba Samba 2.2.6 (including) 2.2.6 (including)
Samba Samba 2.2.7 (including) 2.2.7 (including)
Samba Samba 2.2.7a (including) 2.2.7a (including)
Samba Samba 2.2.8 (including) 2.2.8 (including)
Samba Samba 2.2.8a (including) 2.2.8a (including)
Samba Samba 2.2.9 (including) 2.2.9 (including)
Samba Samba 2.2.11 (including) 2.2.11 (including)
Samba Samba 2.2.12 (including) 2.2.12 (including)
Samba Samba 2.2a (including) 2.2a (including)
Samba Samba 3.0.0 (including) 3.0.0 (including)
Samba Samba 3.0.1 (including) 3.0.1 (including)
Samba Samba 3.0.2 (including) 3.0.2 (including)
Samba Samba 3.0.2a (including) 3.0.2a (including)
Samba Samba 3.0.3 (including) 3.0.3 (including)
Samba Samba 3.0.4 (including) 3.0.4 (including)
Samba Samba 3.0.4-rc1 (including) 3.0.4-rc1 (including)
Samba Samba 3.0.5 (including) 3.0.5 (including)
Samba Samba 3.0.6 (including) 3.0.6 (including)
Samba Samba 3.0.7 (including) 3.0.7 (including)
Samba Samba 3.0.8 (including) 3.0.8 (including)
Samba Samba 3.0.9 (including) 3.0.9 (including)
Samba Ubuntu devel *
Red Hat Enterprise Linux 3 RedHat samba-0:3.0.9-1.3E.1 *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux ES version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Enterprise Linux WS version 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *
Red Hat Linux Advanced Workstation 2.1 RedHat *

References