Lucene search

[email protected]NVD:CVE-2004-1154

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1154

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.111

Percentile

95.2%

JSON

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

Affected configurations

Nvd

Node

sambasambaMatch2.0.0

sambasambaMatch2.0.1

sambasambaMatch2.0.2

sambasambaMatch2.0.3

sambasambaMatch2.0.4

sambasambaMatch2.0.5

sambasambaMatch2.0.6

sambasambaMatch2.0.7

sambasambaMatch2.0.8

sambasambaMatch2.0.9

sambasambaMatch2.0.10

sambasambaMatch2.2.0

sambasambaMatch2.2.0a

sambasambaMatch2.2.1a

sambasambaMatch2.2.2

sambasambaMatch2.2.3

sambasambaMatch2.2.3a

sambasambaMatch2.2.4

sambasambaMatch2.2.5

sambasambaMatch2.2.6

sambasambaMatch2.2.7

sambasambaMatch2.2.7a

sambasambaMatch2.2.8

sambasambaMatch2.2.8a

sambasambaMatch2.2.9

sambasambaMatch2.2.11

sambasambaMatch2.2.12

sambasambaMatch2.2a

sambasambaMatch3.0.0

sambasambaMatch3.0.1

sambasambaMatch3.0.2

sambasambaMatch3.0.2a

sambasambaMatch3.0.3

sambasambaMatch3.0.4

sambasambaMatch3.0.4rc1

sambasambaMatch3.0.5

sambasambaMatch3.0.6

sambasambaMatch3.0.7

sambasambaMatch3.0.8

sambasambaMatch3.0.9

Node

redhatfedora_coreMatchcore_2.0

redhatfedora_coreMatchcore_3.0

susesuse_linuxMatch1.0desktop

susesuse_linuxMatch8.1

susesuse_linuxMatch8.2

susesuse_linuxMatch9.0

susesuse_linuxMatch9.0enterprise_server

susesuse_linuxMatch9.0x86_64

susesuse_linuxMatch9.1

susesuse_linuxMatch9.2

trustixsecure_linuxMatch2.0

trustixsecure_linuxMatch2.1

trustixsecure_linuxMatch2.2

VendorProductVersionCPE
sambasamba2.0.0cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*
sambasamba2.0.1cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
sambasamba2.0.2cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
sambasamba2.0.3cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
sambasamba2.0.4cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
sambasamba2.0.5cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
sambasamba2.0.6cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
sambasamba2.0.7cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
sambasamba2.0.8cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
sambasamba2.0.9cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samba	samba	2.0.0	cpe:2.3:a:samba:samba:2.0.0:::::::*
samba	samba	2.0.1	cpe:2.3:a:samba:samba:2.0.1:::::::*
samba	samba	2.0.2	cpe:2.3:a:samba:samba:2.0.2:::::::*
samba	samba	2.0.3	cpe:2.3:a:samba:samba:2.0.3:::::::*
samba	samba	2.0.4	cpe:2.3:a:samba:samba:2.0.4:::::::*
samba	samba	2.0.5	cpe:2.3:a:samba:samba:2.0.5:::::::*
samba	samba	2.0.6	cpe:2.3:a:samba:samba:2.0.6:::::::*
samba	samba	2.0.7	cpe:2.3:a:samba:samba:2.0.7:::::::*
samba	samba	2.0.8	cpe:2.3:a:samba:samba:2.0.8:::::::*
samba	samba	2.0.9	cpe:2.3:a:samba:samba:2.0.9:::::::*