Lucene search
SuseSUSE-SA:2004:022HistoryJul 23, 2004 - 11:20 a.m.
remote root compromise in samba
2004-07-2311:20:42
lists.opensuse.org
16
0.964 High
EPSS
Percentile
99.4%
The Samba Web Administration Tool (SWAT) was found vulnerable to a buffer overflow in its base64 code. This buffer overflow can possibly be exploited remotely before any authentication took place to execute arbitrary code. The same piece of vulnerable code was also used in ldapsam passdb and in the ntlm_auth tool. This vulnerability only exists on Samba 3.0.2 to 3.0.4.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 8.2 | i586 | libsmbclient-devel | < 2.2.8a-220 | libsmbclient-devel-2.2.8a-220.i586.rpm |
| openSUSE | 9.1 | x86_64 | samba-python | < 3.0.4-1.27 | samba-python-3.0.4-1.27.x86_64.rpm |
| openSUSE | 9.1 | x86_64 | libsmbclient-devel | < 3.0.4-1.27 | libsmbclient-devel-3.0.4-1.27.x86_64.rpm |
| openSUSE | 9.0 | i586 | libsmbclient | < 2.2.8a-220 | libsmbclient-2.2.8a-220.i586.rpm |
| openSUSE | 9.1 | x86_64 | samba-doc | < 3.0.4-1.12 | samba-doc-3.0.4-1.12.x86_64.rpm |
| openSUSE | 9.0 | x86_64 | libsmbclient | < 2.2.8a-220 | libsmbclient-2.2.8a-220.x86_64.rpm |
| openSUSE | 9.1 | i586 | samba-client | < 3.0.4-1.27 | samba-client-3.0.4-1.27.i586.rpm |
| openSUSE | 8.2 | i586 | samba-doc | < 2.2.8a-220 | samba-doc-2.2.8a-220.i586.rpm |
| openSUSE | 9.1 | x86_64 | samba-winbind | < 3.0.4-1.27 | samba-winbind-3.0.4-1.27.x86_64.rpm |
| openSUSE | 9.1 | i586 | samba-winbind | < 3.0.4-1.27 | samba-winbind-3.0.4-1.27.i586.rpm |
Related
openvas
openvas
HP-UX Update for the CIFS Server HPSBUX01062
2009-05-05 00:00:00
Gentoo Security Advisory GLSA 200407-21 (Samba)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200405-25 (tla)
2008-09-24 00:00:00
securityvulns
securityvulns
Security Release - Samba 3.0.5 and 2.2.10
2004-07-23 00:00:00
[security bulletin] SSRT4782 rev. 0 HP-UX CIFS Server potential remote root access
2004-07-28 00:00:00
SUSE Security Announcement: kernel (SuSE-SA:2004:017)
2004-06-18 00:00:00
nessus
nessus
GLSA-200407-21 : Samba: Multiple buffer overflows
2004-08-30 00:00:00
Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2004:078)
2004-07-31 00:00:00
RHEL 3 : samba (RHSA-2004:259)
2004-07-22 00:00:00
freebsd
freebsd
Multiple Potential Buffer Overruns in Samba
2004-07-14 00:00:00
neon date parsing vulnerability
2004-05-19 00:00:00
neon format string vulnerabilities
2004-04-14 00:00:00
redhat
redhat
(RHSA-2004:259) samba security update
2004-07-22 00:00:00
(RHSA-2004:191) cadaver security update
2004-05-19 00:00:00
(RHSA-2004:404) samba security update
2004-07-26 00:00:00
slackware
slackware
new samba packages
2004-07-25 20:24:19
gentoo
gentoo
Samba: Multiple buffer overflows
2004-07-29 00:00:00
cadaver heap-based buffer overflow
2004-05-20 00:00:00
neon heap-based buffer overflow
2004-05-20 00:00:00
suse
suse
remote system compromise in subversion
2004-06-17 09:42:39
remote system compromise in squid
2004-06-09 14:47:16
local denial-of-service attack in kernel
2004-06-16 14:13:55
debiancve
debiancve
ubuntucve
ubuntucve
CVE-2004-0398
2004-07-07 00:00:00
CVE-2004-0179
2004-06-01 00:00:00
osv
osv
neon - buffer overflow
2004-05-19 00:00:00
neon - format string
2004-04-16 00:00:00
debian
debian
[SECURITY] [DSA 506-1] New neon packages fix buffer overflow
2004-05-19 09:21:53
[SECURITY] [DSA 507-1] New cadaver packages fix buffer overflow
2004-05-19 11:36:47
[SECURITY] [DSA 487-1] New neon packages fix format string vulnerabilities
2004-04-17 01:44:24
cve
cve
checkpoint_advisories
checkpoint_advisories
Samba SWAT HTTP Authentication Buffer Overflow (CVE-2004-0600)
2009-10-27 00:00:00
packetstorm
packetstorm
sambaPoC.txt
2004-07-23 00:00:00
samba
samba
Potential Buffer Overrun in SWAT
2004-07-22 00:00:00
Potential Buffer Overrun in smbd
2004-07-22 00:00:00
cert
cert