Critical

CVE-2003-0085 - Unspecified vulnerability in multiple products

Publication: 2003-03-31
Summary

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.

Risk level (CVSS 10)

Critical

10.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • HP Cifs-9000 Server a.01.05
  • Samba Samba 2.2.7a
  • HP Cifs-9000 Server a.01.07
  • HP Cifs-9000 Server a.01.08
  • HP Cifs-9000 Server a.01.08.01
  • HP Cifs-9000 Server a.01.09
  • HP Cifs-9000 Server a.01.09.01
  • Samba Samba 2.0.0
  • Samba Samba 2.0.1
  • Samba Samba 2.0.2
  • Samba Samba 2.0.3
  • Samba Samba 2.0.4
  • Samba Samba 2.0.5
  • Samba Samba 2.0.6
  • HP Cifs-9000 Server a.01.06
  • Samba Samba 2.0.8
  • Samba Samba 2.0.9
  • Samba Samba 2.0.10
  • Samba Samba 2.2.0
  • Samba Samba 2.2.0a
  • Samba Samba 2.2.1a
  • Samba Samba 2.2.2
  • Samba Samba 2.2.3
  • Samba Samba 2.2.3a
  • Samba Samba 2.2.4
  • Samba Samba 2.2.5
  • Samba Samba 2.2.6
  • Samba Samba 2.2.7
  • Samba Samba 2.0.7