Lucene search
UbuntuUSN-29-1HistoryNov 18, 2004 - 12:00 a.m.
samba vulnerability
2004-11-1800:00:00
ubuntu.com
25
Releases
- Ubuntu 4.10
Details
During an audit of the Samba 3.x code base Stefan Esser discovered a
Unicode file name buffer overflow within the handling of
TRANSACT2_QFILEPATHINFO replies. A malicious samba user with write
access to a share could exploit this by creating specially crafted
path names (files with very long names containing Unicode characters)
that would overflow an internal buffer and could lead to remote
execution of arbitrary code with the privileges of the samba server.
Since the samba server usually (by default) runs as root, this flaw
can lead to privilege escalation and unbounded system compromise.
References
Related
debiancve
debiancve
CVE-2004-0882
2005-01-27 05:00:00
nessus
nessus
Mandrake Linux Security Advisory : samba (MDKSA-2004:136)
2004-11-19 00:00:00
Ubuntu 4.10 : samba vulnerability (USN-29-1)
2006-01-15 00:00:00
cve
cve
CVE-2004-0882
2005-01-27 05:00:00
cert
cert
openvas
openvas
Ubuntu: Security Advisory (USN-29-1)
2022-08-26 00:00:00
FreeBSD Ports: samba
2008-09-04 00:00:00
FreeBSD Ports: samba
2008-09-04 00:00:00
samba
samba
Possible Buffer Overrun in smbd
2004-11-15 00:00:00
securityvulns
securityvulns
[SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd
2004-11-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Samba Unicode Filename Buffer Overflow (CVE-2004-0882)
2015-10-25 00:00:00
freebsd
freebsd
smbd -- buffer-overrun vulnerability
2004-11-15 00:00:00
ubuntucve
ubuntucve
CVE-2004-0882
2005-01-27 00:00:00
cvelist
cvelist
CVE-2004-0882
2004-11-19 05:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2004-11-11 00:00:00
redhat
redhat
(RHSA-2004:632) samba security update
2004-11-16 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2004-11-19 00:00:00
suse
suse
potential remote buffer overflow in samba
2004-11-15 22:07:05