7.5

CVE-2003-0686

Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dave AirliePam Smb Version1.1
Dave AirliePam Smb Version1.1.1
Dave AirliePam Smb Version1.1.2
Dave AirliePam Smb Version1.1.3
Dave AirliePam Smb Version1.1.4
Dave AirliePam Smb Version1.1.5
Dave AirliePam Smb Version1.1.6
Dave AirliePam Smb Version2.0_rc4
RedhatPam Smb Version1.1.6-2 Editioni386
RedhatPam Smb Version1.1.6-2 Editionia64
RedhatPam Smb Version1.1.6-5 Editioni386
RedhatPam Smb Version1.1.6-7 Editioni386
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 25.43% 0.977
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000734
http://marc.info/?l=bugtraq&m=106252769930090&w=2
http://secunia.com/advisories/9611
http://us2.samba.org/samba/ftp/pam_smb/
http://www.debian.org/security/2003/dsa-374
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/680260
US Government Resource
http://www.redhat.com/support/errata/RHSA-2003-261.html
http://www.redhat.com/support/errata/RHSA-2003-262.html
Patch
Vendor Advisory
http://www.turbolinux.com/security/TLSA-2003-50.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A469