10

CVE-2003-0201

Exploit
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version2.0.0
SambaSamba Version2.0.1
SambaSamba Version2.0.2
SambaSamba Version2.0.3
SambaSamba Version2.0.4
SambaSamba Version2.0.5
SambaSamba Version2.0.6
SambaSamba Version2.0.7
SambaSamba Version2.0.8
SambaSamba Version2.0.9
SambaSamba Version2.0.10
SambaSamba Version2.2.0
SambaSamba Version2.2.0a
SambaSamba Version2.2.1a
SambaSamba Version2.2.3a
SambaSamba Version2.2.4
SambaSamba Version2.2.5
SambaSamba Version2.2.6
SambaSamba Version2.2.7
SambaSamba Version2.2.7a
SambaSamba Version2.2.8
Samba-tngSamba-tng Version0.3
Samba-tngSamba-tng Version0.3.1
ApplemacOS X Version10.2
ApplemacOS X Version10.2.1
ApplemacOS X Version10.2.2
ApplemacOS X Version10.2.3
ApplemacOS X Version10.2.4
CompaqTru64 Version4.0b
CompaqTru64 Version4.0d
CompaqTru64 Version4.0d_pk9_bl17
CompaqTru64 Version4.0f
CompaqTru64 Version4.0f_pk6_bl17
CompaqTru64 Version4.0f_pk7_bl18
CompaqTru64 Version4.0g
CompaqTru64 Version4.0g_pk3_bl17
CompaqTru64 Version5.0
CompaqTru64 Version5.0_pk4_bl17
CompaqTru64 Version5.0_pk4_bl18
CompaqTru64 Version5.0a
CompaqTru64 Version5.0a_pk3_bl17
CompaqTru64 Version5.0f
CompaqTru64 Version5.1
CompaqTru64 Version5.1_pk3_bl17
CompaqTru64 Version5.1_pk4_bl18
CompaqTru64 Version5.1_pk5_bl19
CompaqTru64 Version5.1_pk6_bl20
CompaqTru64 Version5.1a
CompaqTru64 Version5.1a_pk1_bl1
CompaqTru64 Version5.1a_pk2_bl2
CompaqTru64 Version5.1a_pk3_bl3
CompaqTru64 Version5.1b
CompaqTru64 Version5.1b_pk1_bl1
HpHp-ux Version10.01
HpHp-ux Version10.20
HpHp-ux Version10.24
HpHp-ux Version11.00
HpHp-ux Version11.04
HpHp-ux Version11.11
HpHp-ux Version11.20
HpHp-ux Version11.22
SunSolaris Version2.5.1 Editionppc
SunSolaris Version2.5.1 Editionx86
SunSolaris Version2.6
SunSolaris Version7.0 Editionx86
SunSolaris Version8.0 Editionx86
SunSolaris Version9.0 Editionsparc
SunSolaris Version9.0 Editionx86
SunSolaris Version9.0 Updatex86_update_2
SunSunos Version-
SunSunos Version5.5.1
SunSunos Version5.7
SunSunos Version5.8
HpCifs-9000 Server Versiona.01.05
HpCifs-9000 Server Versiona.01.06
HpCifs-9000 Server Versiona.01.07
HpCifs-9000 Server Versiona.01.08
HpCifs-9000 Server Versiona.01.08.01
HpCifs-9000 Server Versiona.01.09
HpCifs-9000 Server Versiona.01.09.01
HpCifs-9000 Server Versiona.01.09.02
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 84.5% 0.997
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=104974612519064&w=2
http://www.debian.org/security/2003/dsa-280
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2003:044
http://www.redhat.com/support/errata/RHSA-2003-137.html
ftp://patches.sgi.com/support/free/security/advisories/20030403-01-P
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000624
http://marc.info/?l=bugtraq&m=104972664226781&w=2
http://marc.info/?l=bugtraq&m=104981682014565&w=2
http://marc.info/?l=bugtraq&m=104994564212488&w=2
http://www.digitaldefense.net/labs/advisories/DDI-1013.txt
http://www.kb.cert.org/vuls/id/267873
US Government Resource
http://www.novell.com/linux/security/advisories/2003_025_samba.html
http://www.securityfocus.com/bid/7294
Patch
Vendor Advisory
Exploit
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2163
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A567