Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0686

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0686
Last Modified 21 Aug 2010 12:21:03
Published 27 Jul 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0686

Summary

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.

Vulnerable Systems

Operating System

  • Trustix Secure Linux 1.5

  • Trustix Secure Linux 2.0

  • Trustix Secure Linux 2.1

Application

  • Samba 3.0

  • Samba 3.0.0

  • Samba 3.0.1

  • Samba 3.0.2

  • Samba 3.0.2a

  • Samba 3.0.3

  • Samba 3.0.4


References

REDHAT - RHSA-2004:259

BUGTRAQ - 20040722 Security Release - Samba 3.0.5 and 2.2.10

XF - samba-mangling-method-bo(16786)

TRUSTIX - 2004-0039

SUSE - SUSE-SA:2004:022

MANDRAKE - MDKSA-2004:071

GENTOO - GLSA-200407-21

SUNALERT - 57664

SUNALERT - 101584

FEDORA - FLSA:2102

HP - SSRT4782

BUGTRAQ - 20040722 TSSA-2004-014 - samba

BUGTRAQ - 20040722 [OpenPKG-SA-2004.033] OpenPKG Security Advisory (samba)

CONECTIVA - CLA-2004:854

CONECTIVA - CLA-2004:851


Last Updated: 27 May 2016 10:38:43