CVE-2003-0196

Current Description

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

Basic Data

Published: May 05, 2003
Last Modified: October 30, 2018
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 10.0
Severity: HIGH
Exploitability Score: 10.0
Impact Score: 10.0
Obtain All Privilege: true
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
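    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | Application | Samba | Samba | 2.0.0 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.1 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.2 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.3 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.4 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.5 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.6 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.7 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.8 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.9 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.0.10 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.0 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.0a | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.1a | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.2 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.3 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.3a | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.4 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.5 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.6 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.7 | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.7a | * | * | * | * | * | * | *
    2.3 | Application | Samba | Samba | 2.2.8 | * | * | * | * | * | * | *
    2.3 | Application | Samba-tng | Samba-tng | 0.3 | * | * | * | * | * | * | *
    2.3 | Application | Samba-tng | Samba-tng | 0.3.1 | * | * | * | * | * | * | *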
  • OR - Configuration 2
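    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | OS | Compaq | Tru64 | 4.0b | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0d | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0d_pk9_bl17 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0f | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0f_pk6_bl17 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0f_pk7_bl18 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0g | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 4.0g_pk3_bl17 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.0 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.0_pk4_bl17 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.0_pk4_bl18 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.0a | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.0a_pk3_bl17 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.0f | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1_pk3_bl17 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1_pk4_bl18 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1_pk5_bl19 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1_pk6_bl20 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1a | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1a_pk1_bl1 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1a_pk2_bl2 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1a_pk3_bl3 | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1b | * | * | * | * | * | * | *
    2.3 | OS | Compaq | Tru64 | 5.1b_pk1_bl1 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 10.01 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 10.20 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 10.24 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 11.00 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 11.04 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 11.11 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 11.20 | * | * | * | * | * | * | *
    2.3 | OS | Hp | Hp-ux | 11.22 | * | * | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 2.5.1 | * | ppc | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 2.5.1 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 2.6 | * | * | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 7.0 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 8.0 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 9.0 | * | sparc | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 9.0 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Sunos | - | * | * | * | * | * | * | *
    2.3 | OS | Sun | Sunos | 5.5.1 | * | * | * | * | * | * | *
    2.3 | OS | Sun | Sunos | 5.7 | * | * | * | * | * | * | *
    2.3 | OS | Sun | Sunos | 5.8 | * | * | * | * | * | * | *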
  • OR - Configuration 3
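    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | Application | Hp | Cifs-9000 Server | a.01.05 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.06 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.07 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.08 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.08.01 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.09 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.09.01 | * | * | * | * | * | * | *
    2.3 | Application | Hp | Cifs-9000 Server | a.01.09.02 | * | * | * | * | * | * | *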

Vulnerable Software List

Vendor | Product | Versions
Samba-tng | Samba-tng | 0.3, 0.3.1
Samba | Samba | 2.0.0, 2.0.1, 2.0.10, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.2.0, 2.2.0a, 2.2.1a, 2.2.2, 2.2.3, 2.2.3a, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.7a, 2.2.8
Hp | Hp-ux | 10.01, 10.20, 10.24, 11.00, 11.04, 11.11, 11.20, 11.22
Hp | Cifs-9000 Server | a.01.05, a.01.06, a.01.07, a.01.08, a.01.08.01, a.01.09, a.01.09.01, a.01.09.02
Sun | Solaris | 2.5.1, 2.6, 7.0, 8.0, 9.0
Sun | Sunos | -, 5.5.1, 5.7, 5.8
Compaq | Tru64 | 4.0b, 4.0d, 4.0d_pk9_bl17, 4.0f, 4.0f_pk6_bl17, 4.0f_pk7_bl18, 4.0g, 4.0g_pk3_bl17, 5.0, 5.0_pk4_bl17, 5.0_pk4_bl18, 5.0a, 5.0a_pk3_bl17, 5.0f, 5.1, 5.1_pk3_bl17, 5.1_pk4_bl18, 5.1_pk5_bl19, 5.1_pk6_bl20, 5.1a, 5.1a_pk1_bl1, 5.1a_pk2_bl2, 5.1a_pk3_bl3, 5.1b, 5.1b_pk1_bl1

References

Name | Source | URL | Tags
20030407 [OpenPKG-SA-2003.028] OpenPKG Security Advisory (samba) | BUGTRAQ | http://marc.info/?l=bugtraq&m=104973186901597&w=2 |
20030407 Immunix Secured OS 7+ samba update | BUGTRAQ | http://marc.info/?l=bugtraq&m=104974612519064&w=2 |
DSA-280 | DEBIAN | http://www.debian.org/security/2003/dsa-280 | Patch, Vendor Advisory
MDKSA-2003:044 | MANDRAKE | http://www.mandriva.com/security/advisories?name=MDKSA-2003:044 |
RHSA-2003:137 | REDHAT | http://www.redhat.com/support/errata/RHSA-2003-137.html | Patch, Vendor Advisory
oval:org.mitre.oval:def:564 | OVAL | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A564 |