Vulnerabilities > CVE-2004-0186 - Local Privilege Elevation vulnerability in Linux Kernel Samba Share
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 | |
| OS | 15 |
Exploit-Db
| description | Linux Kernel Samba 2.2.8 Share Local Privilege Elevation Vulnerability. CVE-2004-0186. Local exploit for linux platform |
| id | EDB-ID:23674 |
| last seen | 2016-02-02 |
| modified | 2004-02-09 |
| published | 2004-02-09 |
| reporter | Martin Fiala |
| source | https://www.exploit-db.com/download/23674/ |
| title | Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability |
Nessus
NASL family Misc. NASL id SAMBA_SMBMNT.NASL description According to its banner, the version of Samba running on the remote host is in the 2.x or 3.x branch. Such versions are shipped with a utility called last seen 2020-06-01 modified 2020-06-02 plugin id 17723 published 2011-11-18 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17723 title Samba smbmnt Local Privilege Escalation NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-035.NASL description A vulnerability was discovered in samba where a local user could use the smbmnt utility, which is shipped suid root, to mount a file share from a remote server which would contain a setuid program under the control of the user. By executing this setuid program, the local user could elevate their privileges on the local system. The updated packages are patched to prevent this problem. The version of samba shipped with Mandrakelinux 10.0 does not have this problem. last seen 2020-06-01 modified 2020-06-02 plugin id 14134 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14134 title Mandrake Linux Security Advisory : samba (MDKSA-2004:035) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-463.NASL description Samba, a LanManager-like file and printer server for Unix, was found to contain a vulnerability whereby a local user could use the last seen 2020-06-01 modified 2020-06-02 plugin id 15300 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15300 title Debian DSA-463-1 : samba - privilege escalation