CVE-2004-0600

2004-07-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0600

samba

swat

buffer overflow

remote code execution

nvd

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.6%

JSON

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

CPENameOperatorVersion
samba:sambasambaeq3.0.3
samba:sambasambaeq3.0.2a
samba:sambasambaeq3.0.2
samba:sambasambaeq3.0.4
trustix:secure_linuxtrustix secure linuxeq2.0
trustix:secure_linuxtrustix secure linuxeq1.5
trustix:secure_linuxtrustix secure linuxeq2.1

CPE	Name	Operator	Version
samba:samba	samba	eq	3.0.3
samba:samba	samba	eq	3.0.2a
samba:samba	samba	eq	3.0.2
samba:samba	samba	eq	3.0.4
trustix:secure_linux	trustix secure linux	eq	2.0
trustix:secure_linux	trustix secure linux	eq	1.5
trustix:secure_linux	trustix secure linux	eq	2.1