remote root access in samba

2003-04-0720:29:18

lists.opensuse.org

0.971 High

EPSS

Percentile

99.7%

JSON

Digital Defense Inc. have discovered a buffer overflow in the samba file server, the widely spread implementation of the SMB protocol. The flaw allows a remote attacker to execute arbitrary commands as root on a server that runs a vulnerable version of samba. The vulnerability is known as DDI trans2.c overflow bug and is assigned the CVE ID CAN-2003-0201. Since this vulnerability was found during an analysis of an exploit happening in the wild, it should be assumed that exploits are circulating in the internet.

OSVersionArchitecturePackageVersionFilename
openSUSE7.1i386smbclnt< 2.0.10-32smbclnt-2.0.10-32.i386.rpm
openSUSE7.1i386samba< 2.0.10-32samba-2.0.10-32.i386.rpm
openSUSE7.2i386samba< 2.2.0a-52samba-2.2.0a-52.i386.rpm
openSUSE7.3sparcsamba-client< 2.2.1a-76samba-client-2.2.1a-76.sparc.rpm
openSUSE7.1alphasmbclnt< 2.0.10-23smbclnt-2.0.10-23.alpha.rpm
openSUSE8.1i586samba-client< 2.2.5-178samba-client-2.2.5-178.i586.rpm
openSUSE7.1ppcsamba< 2.0.10-24samba-2.0.10-24.ppc.rpm
openSUSE7.3sparcsamba< 2.2.1a-76samba-2.2.1a-76.sparc.rpm
openSUSE8.0i386samba-client< 2.2.3a-172samba-client-2.2.3a-172.i386.rpm
openSUSE7.1alphasamba< 2.0.10-23samba-2.0.10-23.alpha.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	7.1	i386	smbclnt	< 2.0.10-32	smbclnt-2.0.10-32.i386.rpm
openSUSE	7.1	i386	samba	< 2.0.10-32	samba-2.0.10-32.i386.rpm
openSUSE	7.2	i386	samba	< 2.2.0a-52	samba-2.2.0a-52.i386.rpm
openSUSE	7.3	sparc	samba-client	< 2.2.1a-76	samba-client-2.2.1a-76.sparc.rpm
openSUSE	7.1	alpha	smbclnt	< 2.0.10-23	smbclnt-2.0.10-23.alpha.rpm
openSUSE	8.1	i586	samba-client	< 2.2.5-178	samba-client-2.2.5-178.i586.rpm
openSUSE	7.1	ppc	samba	< 2.0.10-24	samba-2.0.10-24.ppc.rpm
openSUSE	7.3	sparc	samba	< 2.2.1a-76	samba-2.2.1a-76.sparc.rpm
openSUSE	8.0	i386	samba-client	< 2.2.3a-172	samba-client-2.2.3a-172.i386.rpm
openSUSE	7.1	alpha	samba	< 2.0.10-23	samba-2.0.10-23.alpha.rpm